Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-6892 |
The EAN for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'alg_wc_ean_product_meta' shortcode in all versions up to, and including, 4.8.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Published: April 18, 2024; 7:15:37 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-50885 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AGILELOGIX Store Locator WordPress.This issue affects Store Locator WordPress: from n/a through 1.4.14. Published: April 18, 2024; 7:15:37 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-49768 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Stored XSS.This issue affects WP-FormAssembly: from n/a through 2.0.10. Published: April 18, 2024; 7:15:36 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-47843 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0. Published: April 18, 2024; 7:15:36 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-3675 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Secomea GateManager (Web GUI) allows Reading Data from System Resources.This issue affects GateManager: from 11.0.623074018 before 11.0.623373051. Published: April 18, 2024; 7:15:36 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32586 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Munir Kamal Gutenberg Block Editor Toolkit allows Stored XSS.This issue affects Gutenberg Block Editor Toolkit: from n/a through 1.40.4. Published: April 18, 2024; 6:15:14 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32585 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in extendWP Import Content in WordPress & WooCommerce with Excel allows Reflected XSS.This issue affects Import Content in WordPress & WooCommerce with Excel: from n/a through 4.2. Published: April 18, 2024; 6:15:14 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32584 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StandaloneTech TeraWallet – For WooCommerce allows Stored XSS.This issue affects TeraWallet – For WooCommerce: from n/a through 1.5.0. Published: April 18, 2024; 6:15:14 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32583 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Photo Gallery Team Photo Gallery by 10Web allows Reflected XSS.This issue affects Photo Gallery by 10Web: from n/a through 1.8.21. Published: April 18, 2024; 6:15:13 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32582 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bowo Debug Log Manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through 2.3.1. Published: April 18, 2024; 6:15:13 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32581 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lenderd Mortgage Calculators WP allows Stored XSS.This issue affects Mortgage Calculators WP: from n/a through 1.56. Published: April 18, 2024; 6:15:13 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32580 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta Master Slider allows Stored XSS.This issue affects Master Slider: from n/a through 3.9.8. Published: April 18, 2024; 6:15:13 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32579 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GloriaFood Restaurant Menu – Food Ordering System – Table Reservation allows Stored XSS.This issue affects Restaurant Menu – Food Ordering System – Table Reservation: from n/a through 2.4.1. Published: April 18, 2024; 6:15:13 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32578 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Slider by 10Web allows Reflected XSS.This issue affects Slider by 10Web: from n/a through 1.2.54. Published: April 18, 2024; 6:15:12 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32577 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeboxr Team CBX Bookmark & Favorite cbxwpbookmark allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.20. Published: April 18, 2024; 6:15:12 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32576 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Booking Algorithms BA Book Everything allows Stored XSS.This issue affects BA Book Everything: from n/a through 1.6.8. Published: April 18, 2024; 6:15:12 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32575 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.1.9. Published: April 18, 2024; 6:15:12 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32574 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashish Ajani WP Simple HTML Sitemap allows Reflected XSS.This issue affects WP Simple HTML Sitemap: from n/a through 2.8. Published: April 18, 2024; 6:15:12 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32573 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for eBay allows Stored XSS.This issue affects WP-Lister Lite for eBay: from n/a through 3.5.11. Published: April 18, 2024; 6:15:12 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32572 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BdThemes Element Pack Elementor Addons allows Stored XSS.This issue affects Element Pack Elementor Addons: from n/a through 5.6.0. Published: April 18, 2024; 6:15:11 AM -0400 |
V3.x:(not available) V2.0:(not available) |