Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-4644 |
A vulnerability has been found in SourceCodester Prison Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /Employee/changepassword.php. The manipulation of the argument txtold_password/txtnew_password/txtconfirm_password leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263488. Published: May 08, 2024; 8:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34561 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Creative interactive media 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin allows Stored XSS.This issue affects 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin: from n/a through 3.71. Published: May 08, 2024; 8:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34560 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GOMO gee Search Plus allows Stored XSS.This issue affects gee Search Plus: from n/a through 1.4.4. Published: May 08, 2024; 8:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34558 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF allows Stored XSS.This issue affects WOLF: from n/a through 1.0.8.2. Published: May 08, 2024; 8:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34553 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Select-Themes Stockholm Core allows Reflected XSS.This issue affects Stockholm Core: from n/a through 2.4.1. Published: May 08, 2024; 8:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34548 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.4.8. Published: May 08, 2024; 8:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34547 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor alam Magical Addons For Elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through 1.1.34. Published: May 08, 2024; 8:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34546 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HabibCoder Sticky Social Link allows Stored XSS.This issue affects Sticky Social Link: from n/a through 1.0.0. Published: May 08, 2024; 8:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34414 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nobita allows Stored XSS.This issue affects raindrops: from n/a through 1.600. Published: May 08, 2024; 8:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2022-40218 |
Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue affects Advance WordPress Search Plugin: from n/a through 1.1.4. Published: May 08, 2024; 8:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3507 |
Improper privilege management vulnerability in Lunar software that affects versions 6.0.2 through 6.6.0. This vulnerability allows an attacker to perform a secondary process injection into the Lunar application and abuse those rights to access sensitive user information. Published: May 08, 2024; 7:15:25 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34570 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS.This issue affects Xpro Elementor Addons: from n/a through 1.4.3. Published: May 08, 2024; 7:15:25 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34569 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Katie Seaborn Zotpress allows Stored XSS.This issue affects Zotpress: from n/a through 7.3.9. Published: May 08, 2024; 7:15:25 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34568 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeqx LetterPress allows Stored XSS.This issue affects LetterPress: from n/a through 1.2.1. Published: May 08, 2024; 7:15:25 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34566 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Johan van der Wijk Content Blocks (Custom Post Widget) allows Stored XSS.This issue affects Content Blocks (Custom Post Widget): from n/a through 3.3.0. Published: May 08, 2024; 7:15:24 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34565 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Debug Info allows Stored XSS.This issue affects Debug Info: from n/a through 1.3.10. Published: May 08, 2024; 7:15:24 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34564 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LogicHunt Inc. Counter Up allows Stored XSS.This issue affects Counter Up: from n/a through 2.2.1. Published: May 08, 2024; 7:15:24 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34563 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoldAddons Gold Addons for Elementor allows Stored XSS.This issue affects Gold Addons for Elementor: from n/a through 1.2.9. Published: May 08, 2024; 7:15:24 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-34562 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through 1.3.0. Published: May 08, 2024; 7:15:24 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-4281 |
The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'link-library' shortcode in all versions up to, and including, 7.6.11 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Published: May 08, 2024; 6:15:08 AM -0400 |
V3.1: 6.4 MEDIUM V2.0:(not available) |