NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

There are 232,876 matching records.

Displaying matches 41 through 60.

Vuln ID	Summary	CVSS Severity
CVE-2024-33694	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Meks Meks ThemeForest Smart Widget allows Stored XSS.This issue affects Meks ThemeForest Smart Widget: from n/a through 1.5. Published: April 26, 2024; 9:15:47 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-33693	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Meks Meks Smart Social Widget allows Stored XSS.This issue affects Meks Smart Social Widget: from n/a through 1.6.4. Published: April 26, 2024; 9:15:47 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-33692	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Satrya Smart Recent Posts Widget allows Stored XSS.This issue affects Smart Recent Posts Widget: from n/a through 1.0.3. Published: April 26, 2024; 9:15:47 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-33691	Cross-Site Request Forgery (CSRF) vulnerability in OptinMonster Popup Builder Team OptinMonster.This issue affects OptinMonster: from n/a through 2.15.3. Published: April 26, 2024; 9:15:47 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-33690	Cross-Site Request Forgery (CSRF) vulnerability in Jegstudio Financio.This issue affects Financio: from n/a through 1.1.3. Published: April 26, 2024; 9:15:46 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-33689	Cross-Site Request Forgery (CSRF) vulnerability in Tony Zeoli, Tony Hayes Radio Station.This issue affects Radio Station: from n/a through 2.5.7. Published: April 26, 2024; 9:15:46 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-33688	Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Teluro.This issue affects Teluro: from n/a through 1.0.31. Published: April 26, 2024; 9:15:46 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2023-52646	In the Linux kernel, the following vulnerability has been resolved: aio: fix mremap after fork null-deref Commit e4a0d3e720e7 ("aio: Make it possible to remap aio ring") introduced a null-deref if mremap is called on an old aio mapping after fork as mm->ioctx_table will be set to NULL. [jmoyer@redhat.com: fix 80 column issue] Published: April 26, 2024; 9:15:46 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-32822	Missing Authorization vulnerability in impleCode Reviews Plus.This issue affects Reviews Plus: from n/a through 1.3.4. Published: April 26, 2024; 8:15:07 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-33683	Cross-Site Request Forgery (CSRF) vulnerability in WP Republic Hide Dashboard Notifications.This issue affects Hide Dashboard Notifications: from n/a through 1.2.3. Published: April 26, 2024; 7:15:47 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-33682	Cross-Site Request Forgery (CSRF) vulnerability in Cookie Information A/S WP GDPR Compliance.This issue affects WP GDPR Compliance: from n/a through 2.0.23. Published: April 26, 2024; 7:15:47 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-33680	Cross-Site Request Forgery (CSRF) vulnerability in MainWP MainWP Child Reports.This issue affects MainWP Child Reports: from n/a through 2.1.1. Published: April 26, 2024; 7:15:46 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-33679	Cross-Site Request Forgery (CSRF) vulnerability in FameThemes FameTheme Demo Importer.This issue affects FameTheme Demo Importer: from n/a through 1.1.5. Published: April 26, 2024; 7:15:46 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-33678	Cross-Site Request Forgery (CSRF) vulnerability in ClickCease ClickCease Click Fraud Protection.This issue affects ClickCease Click Fraud Protection: from n/a through 3.2.4. Published: April 26, 2024; 7:15:46 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-33677	Cross-Site Request Forgery (CSRF) vulnerability in Renzo Johnson Contact Form 7 Extension For Mailchimp.This issue affects Contact Form 7 Extension For Mailchimp: from n/a through 0.5.70. Published: April 26, 2024; 7:15:46 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-32957	Missing Authorization vulnerability in Live Composer Team Page Builder: Live Composer.This issue affects Page Builder: Live Composer: from n/a through 1.5.38. Published: April 26, 2024; 7:15:46 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-32829	Missing Authorization vulnerability in Supsystic Data Tables Generator by Supsystic.This issue affects Data Tables Generator by Supsystic: from n/a through 1.10.31. Published: April 26, 2024; 7:15:45 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-32828	Missing Authorization vulnerability in Octolize Flexible Shipping.This issue affects Flexible Shipping: from n/a through 4.24.15. Published: April 26, 2024; 7:15:45 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-32826	Missing Authorization vulnerability in Vektor,Inc. VK Block Patterns.This issue affects VK Block Patterns: from n/a through 1.31.0. Published: April 26, 2024; 7:15:45 AM -0400	V3.x:(not available) V2.0:(not available)
CVE-2024-3682	The WP STAGING and WP STAGING Pro plugins for WordPress are vulnerable to Sensitive Information Exposure in versions up to, and including, 3.4.3, and versions up to, and including, 5.4.3, respectively, via the ajaxSendReport function. This makes it possible for unauthenticated attackers to extract sensitive data from a log file, including system information and (in the Pro version) license keys. Successful exploitation requires an administrator to have used the 'Contact Us' functionality along with the "Enable this option to automatically submit the log files." option. Published: April 26, 2024; 6:15:11 AM -0400	V3.x:(not available) V2.0:(not available)