Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-32954 |
Unrestricted Upload of File with Dangerous Type vulnerability in Tribulant Newsletters.This issue affects Newsletters: from n/a through 4.9.5. Published: April 24, 2024; 7:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32823 |
Authorization Bypass Through User-Controlled Key vulnerability in FeedbackWP Rate my Post – WP Rating System.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.4. Published: April 24, 2024; 7:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32808 |
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9. Published: April 24, 2024; 7:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32789 |
Cross-Site Request Forgery (CSRF) vulnerability in Seers allows Cross-Site Scripting (XSS).This issue affects Seers: from n/a through 8.1.0. Published: April 24, 2024; 7:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32785 |
Cross-Site Request Forgery (CSRF) vulnerability in Webangon The Pack Elementor addons allows Cross-Site Scripting (XSS).This issue affects The Pack Elementor addons: from n/a through 2.0.8.3. Published: April 24, 2024; 7:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32772 |
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9. Published: April 24, 2024; 7:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32711 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in myCred allows Stored XSS.This issue affects myCred: from n/a through 2.6.3. Published: April 24, 2024; 7:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32707 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Image Slider Widget allows Stored XSS.This issue affects Image Slider Widget: from n/a through 1.1.125. Published: April 24, 2024; 7:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32702 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Repute info systems ARForms allows Reflected XSS.This issue affects ARForms: from n/a through 6.4. Published: April 24, 2024; 7:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-23985 |
Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This issue affects Quiz Maker: from n/a through 6.3.9.4. Published: April 24, 2024; 7:15:46 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-23976 |
Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through 5.1.9.2. Published: April 24, 2024; 7:15:46 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2022-45852 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Path Traversal.This issue affects WP-FormAssembly: from n/a through 2.0.5. Published: April 24, 2024; 7:15:46 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32723 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Code Tides Advanced Floating Content allows Stored XSS.This issue affects Advanced Floating Content: from n/a through 1.2.5. Published: April 24, 2024; 6:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32722 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Coupon & Discount Code Reveal Button allows Stored XSS.This issue affects Coupon & Discount Code Reveal Button: from n/a through 1.2.5. Published: April 24, 2024; 6:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32721 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jegtheme Jeg Elementor Kit allows Stored XSS.This issue affects Jeg Elementor Kit: from n/a through 2.6.3. Published: April 24, 2024; 6:15:06 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32956 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rometheme RomethemeKit For Elementor allows Stored XSS.This issue affects RomethemeKit For Elementor: from n/a through 1.4.1. Published: April 24, 2024; 5:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32952 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BloomPixel Max Addons Pro for Bricks allows Reflected XSS.This issue affects Max Addons Pro for Bricks: from n/a through 1.6.1. Published: April 24, 2024; 5:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32950 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DeBAAT WP Media Category Management allows Reflected XSS.This issue affects WP Media Category Management: from n/a through 2.2. Published: April 24, 2024; 5:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32834 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee WooCommerce Shipping Label allows Stored XSS.This issue affects WooCommerce Shipping Label: from n/a through 2.3.8. Published: April 24, 2024; 5:15:08 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32833 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Halsey List Custom Taxonomy Widget allows Stored XSS.This issue affects List Custom Taxonomy Widget: from n/a through 4.1. Published: April 24, 2024; 5:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |