Plainware Shiftcontroller Employee Shift Scheduling

5 CVEs affecting Plainware Shiftcontroller Employee Shift Scheduling. Latest disclosed: 2024-10-06. Critical: 0, High: 2.

Top CVEs affecting Plainware Shiftcontroller Employee Shift Scheduling
CVESeverityScorePublishedSummary
CVE-2024-4733High7.52024-05-16The ShiftController Employee Shift Scheduling plugin is vulnerable to PHP Object Injection via deserialization of untrusted input via the `hc3_session`-cookie…
CVE-2023-29424High7.12023-06-26Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Plainware ShiftController Employee Shift Scheduling plugin <= 4.9.23 versions.
CVE-2024-9435Medium6.12024-10-04The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL keys in all versions up to, and incl…
CVE-2023-1978Medium6.12023-06-09The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up to, and…
CVE-2024-44040Medium5.92024-10-06Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in plainware ShiftController Employee Shift Scheduling shift…