Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-32098 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter.This issue affects Advanced Page Visit Counter: from n/a through 8.0.6. Published: April 15, 2024; 4:15:13 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32087 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExportFeed.Com Product Feed on WooCommerce for Google.This issue affects Product Feed on WooCommerce for Google: from n/a through 3.5.7. Published: April 15, 2024; 4:15:12 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32082 |
Cross-Site Request Forgery (CSRF) vulnerability in kp4coder Sync Post With Other Site allows Cross-Site Scripting (XSS).This issue affects Sync Post With Other Site: from n/a through 1.5.1. Published: April 15, 2024; 4:15:12 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31093 |
Cross-Site Request Forgery (CSRF) vulnerability in Kaloyan K. Tsvetkov Broken Images allows Cross-Site Scripting (XSS).This issue affects Broken Images: from n/a through 0.2. Published: April 15, 2024; 4:15:12 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31086 |
Cross-Site Request Forgery (CSRF) vulnerability in Venugopal Change default login logo,url and title allows Cross-Site Scripting (XSS).This issue affects Change default login logo,url and title: from n/a through 2.0. Published: April 15, 2024; 4:15:11 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30545 |
Cross-Site Request Forgery (CSRF) vulnerability in Nick Powers Social Author Bio allows Stored XSS.This issue affects Social Author Bio: from n/a through 2.4. Published: April 15, 2024; 4:15:11 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32454 |
Server-Side Request Forgery (SSRF) vulnerability in Wappointment Appointment Bookings for Zoom GoogleMeet and more – Wappointment.This issue affects Appointment Bookings for Zoom GoogleMeet and more – Wappointment: from n/a through 2.6.0. Published: April 15, 2024; 3:15:11 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32453 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POEditor allows Stored XSS.This issue affects POEditor: from n/a through 0.9.8. Published: April 15, 2024; 3:15:11 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32429 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPChill Remove Footer Credit allows Stored XSS.This issue affects Remove Footer Credit: from n/a through 1.0.13. Published: April 15, 2024; 3:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32428 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moss Web Works MWW Disclaimer Buttons allows Stored XSS.This issue affects MWW Disclaimer Buttons: from n/a through 3.0.2. Published: April 15, 2024; 3:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32149 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Jobs for WordPress allows Reflected XSS.This issue affects Jobs for WordPress: from n/a through 2.7.5. Published: April 15, 2024; 3:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32147 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Form Plugin Team - GhozyLab Easy Contact Form Lite allows Stored XSS.This issue affects Easy Contact Form Lite : from n/a through 1.1.23. Published: April 15, 2024; 3:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32145 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PineWise WP Google Analytics Events allows Reflected XSS.This issue affects WP Google Analytics Events: from n/a through 2.8.0. Published: April 15, 2024; 3:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32140 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Libsyn Libsyn Publisher Hub allows Stored XSS.This issue affects Libsyn Publisher Hub: from n/a through 1.4.4. Published: April 15, 2024; 3:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32138 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KaizenCoders Short URL allows Reflected XSS.This issue affects Short URL: from n/a through 1.6.8. Published: April 15, 2024; 3:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32133 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Schuppenies EZ Form Calculator allows Reflected XSS.This issue affects EZ Form Calculator: from n/a through 2.14.0.3. Published: April 15, 2024; 3:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32079 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Dempfle Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2024.2. Published: April 15, 2024; 3:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-52144 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RexTheme Product Feed Manager.This issue affects Product Feed Manager: from n/a through 7.3.15. Published: April 15, 2024; 3:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3771 |
A vulnerability was found in PHPGurukul Student Record System 3.20 and classified as critical. Affected by this issue is some unknown functionality of the file /edit-subject.php. The manipulation of the argument sub1/sub2/sub3/sub4/udate leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-260618 is the identifier assigned to this vulnerability. Published: April 15, 2024; 2:15:11 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32489 |
TCPDF before 6.7.4 mishandles calls that use HTML syntax. Published: April 15, 2024; 2:15:11 AM -0400 |
V3.x:(not available) V2.0:(not available) |