Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-29763 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Reflected XSS.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3. Published: March 27, 2024; 10:15:11 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29762 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) allows Stored XSS.This issue affects Off-Canvas Sidebars & Menus (Slidebars): from n/a through 0.5.8.1. Published: March 27, 2024; 10:15:11 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29761 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Krunal Prajapati WP Post Disclaimer allows Stored XSS.This issue affects WP Post Disclaimer: from n/a through 1.0.3. Published: March 27, 2024; 10:15:11 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29760 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl LLC Booster for WooCommerce allows Reflected XSS.This issue affects Booster for WooCommerce: from n/a through 7.1.7. Published: March 27, 2024; 10:15:11 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29759 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodePeople Calculated Fields Form allows Reflected XSS.This issue affects Calculated Fields Form: from n/a through 1.2.54. Published: March 27, 2024; 10:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29758 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kienso Co-marquage service-public.Fr allows Reflected XSS.This issue affects Co-marquage service-public.Fr: from n/a through 0.5.72. Published: March 27, 2024; 10:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28853 |
Ampache is a web based audio/video streaming application and file manager. Stored Cross Site Scripting (XSS) vulnerability in ampache before v6.3.1 allows a remote attacker to execute code via a crafted payload to serval parameters in the post request of /preferences.php?action=admin_update_preferences. This vulnerability is fixed in 6.3.1. Published: March 27, 2024; 10:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28852 |
Ampache is a web based audio/video streaming application and file manager. Ampache has multiple reflective XSS vulnerabilities,this means that all forms in the Ampache that use `rule` as a variable are not secure. For example, when querying a song, when querying a podcast, we need to use `$rule` variable. This vulnerability is fixed in 6.3.1 Published: March 27, 2024; 10:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-26652 |
In the Linux kernel, the following vulnerability has been resolved: net: pds_core: Fix possible double free in error handling path When auxiliary_device_add() returns error and then calls auxiliary_device_uninit(), Callback function pdsc_auxbus_dev_release calls kfree(padev) to free memory. We shouldn't call kfree(padev) again in the error handling path. Fix this by cleaning up the redundant kfree() and putting the error handling back to where the errors happened. Published: March 27, 2024; 10:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-26651 |
In the Linux kernel, the following vulnerability has been resolved: sr9800: Add check for usbnet_get_endpoints Add check for usbnet_get_endpoints() and return the error if it fails in order to transfer the error. Published: March 27, 2024; 10:15:10 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-23515 |
Cross-Site Request Forgery (CSRF) vulnerability in Cincopa Post Video Players.This issue affects Post Video Players: from n/a through 1.159. Published: March 27, 2024; 10:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-23510 |
Cross-Site Request Forgery (CSRF) vulnerability in Martyn Chamberlin Don't Muck My Markup.This issue affects Don't Muck My Markup: from n/a through 1.8. Published: March 27, 2024; 10:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-44999 |
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.6.0. Published: March 27, 2024; 10:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-39311 |
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Fusion Builder.This issue affects Fusion Builder: from n/a through 3.11.1. Published: March 27, 2024; 10:15:09 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-34020 |
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash.This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.6.4.3. Published: March 27, 2024; 10:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2022-45847 |
Cross-Site Request Forgery (CSRF) vulnerability in WPAssist.Me WordPress Countdown Widget allows Cross-Site Scripting (XSS).This issue affects WordPress Countdown Widget: from n/a through 3.1.9.1. Published: March 27, 2024; 10:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29812 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ReviewX allows Stored XSS.This issue affects ReviewX: from n/a through 1.6.22. Published: March 27, 2024; 9:15:53 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29811 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftLab Radio Player allows Stored XSS.This issue affects Radio Player: from n/a through 2.0.73. Published: March 27, 2024; 9:15:53 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29807 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DearHive DearFlip allows Stored XSS.This issue affects DearFlip: from n/a through 2.2.26. Published: March 27, 2024; 9:15:53 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29806 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Reservation Diary ReDi Restaurant Reservation allows Reflected XSS.This issue affects ReDi Restaurant Reservation: from n/a through 24.0128. Published: March 27, 2024; 9:15:52 AM -0400 |
V3.x:(not available) V2.0:(not available) |