Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-29792 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Reflected XSS.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.93. Published: March 27, 2024; 9:15:50 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29791 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Reflected XSS.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 2.01. Published: March 27, 2024; 9:15:50 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29790 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Squirrly SEO Plugin by Squirrly SEO allows Reflected XSS.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.3.16. Published: March 27, 2024; 9:15:50 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29789 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Walter Pinem OneClick Chat to Order allows Stored XSS.This issue affects OneClick Chat to Order: from n/a through 1.0.5. Published: March 27, 2024; 9:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29788 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Podlove Podlove Web Player allows Stored XSS.This issue affects Podlove Web Player: from n/a through 5.7.1. Published: March 27, 2024; 9:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29777 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPMU DEV Forminator allows Reflected XSS.This issue affects Forminator: from n/a through 1.29.0. Published: March 27, 2024; 9:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29776 |
Cross Site Scripting (XSS) vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n/a through 3.3.9. Published: March 27, 2024; 9:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29775 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vinoth06. Frontend Dashboard allows Stored XSS.This issue affects Frontend Dashboard: from n/a through 2.2.1. Published: March 27, 2024; 9:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29774 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpDirectoryKit WP Directory Kit allows Reflected XSS.This issue affects WP Directory Kit: from n/a through 1.2.9. Published: March 27, 2024; 9:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29772 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stormhill Media MyBookTable Bookstore allows Stored XSS.This issue affects MyBookTable Bookstore: from n/a through 3.3.7. Published: March 27, 2024; 9:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29771 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftLab Dracula Dark Mode - The Revolutionary Dark Mode Plugin For WordPress allows Stored XSS.This issue affects Dracula Dark Mode - The Revolutionary Dark Mode Plugin For WordPress: from n/a through 1.0.8. Published: March 27, 2024; 9:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29770 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pretty Links Shortlinks by Pretty Links allows Reflected XSS.This issue affects Shortlinks by Pretty Links: from n/a through 3.6.2. Published: March 27, 2024; 9:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29769 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Portfolio Gallery – Image Gallery Plugin allows Stored XSS.This issue affects Portfolio Gallery – Image Gallery Plugin: from n/a through 1.5.6. Published: March 27, 2024; 9:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29768 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Astra allows Stored XSS.This issue affects Astra: from n/a through 4.6.4. Published: March 27, 2024; 9:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29767 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wobbie.Nl Doneren met Mollie allows Reflected XSS.This issue affects Doneren met Mollie: from n/a through 2.10.2. Published: March 27, 2024; 9:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29766 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StreamWeasels StreamWeasels Twitch Integration allows Stored XSS.This issue affects StreamWeasels Twitch Integration: from n/a through 1.7.5. Published: March 27, 2024; 9:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28784 |
IBM QRadar SIEM 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 285893. Published: March 27, 2024; 9:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-27270 |
IBM WebSphere Application Server Liberty 23.0.0.3 through 24.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in a specially crafted URI. IBM X-Force ID: 284576. Published: March 27, 2024; 9:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-27091 |
GeoNode is a geospatial content management system, a platform for the management and publication of geospatial data. An issue exists within GEONODE where the current rich text editor is vulnerable to Stored XSS. The applications cookies are set securely, but it is possible to retrieve a victims CSRF token and issue a request to change another user's email address to perform a full account takeover. Due to the script element not impacting the CORS policy, requests will succeed. This vulnerability is fixed in 4.2.3. Published: March 27, 2024; 9:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-6400 |
Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management (ZCM) allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management (ZCM) versions: 2020 update 3, 23.3, and 23.4. Published: March 27, 2024; 9:15:46 AM -0400 |
V3.x:(not available) V2.0:(not available) |