U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
There are 229,403 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2024-30443

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins GS Testimonial Slider allows Stored XSS.This issue affects GS Testimonial Slider: from n/a through 3.1.4.

Published: March 29, 2024; 2:15:14 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30442

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 4.8.0.

Published: March 29, 2024; 2:15:13 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30441

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Post Grid allows Reflected XSS.This issue affects Post Grid: from n/a through 2.2.74.

Published: March 29, 2024; 2:15:13 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30440

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themify Themify Event Post allows Stored XSS.This issue affects Themify Event Post: from n/a through 1.2.7.

Published: March 29, 2024; 2:15:12 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30439

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BestWebSoft Limit Attempts by BestWebSoft allows Reflected XSS.This issue affects Limit Attempts by BestWebSoft: from n/a through 1.2.9.

Published: March 29, 2024; 2:15:12 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30438

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Print Page block allows Stored XSS.This issue affects Print Page block: from n/a through 1.0.8.

Published: March 29, 2024; 2:15:11 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30437

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPPOOL Webinar and Video Conference with Jitsi Meet allows Stored XSS.This issue affects Webinar and Video Conference with Jitsi Meet: from n/a through 2.6.3.

Published: March 29, 2024; 2:15:11 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30436

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Collect.Chat Inc. Collectchat allows Stored XSS.This issue affects Collectchat: from n/a through 2.4.1.

Published: March 29, 2024; 2:15:10 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30435

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Blocks for Block Editor | Gutenberg allows Reflected XSS.This issue affects The Plus Blocks for Block Editor | Gutenberg: from n/a through 3.2.5.

Published: March 29, 2024; 2:15:10 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30434

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP-CRM System allows Stored XSS.This issue affects WP-CRM System: from n/a through 3.2.9.

Published: March 29, 2024; 2:15:09 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30433

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MultiVendorX WC Marketplace allows Stored XSS.This issue affects WC Marketplace: from n/a through 4.1.3.

Published: March 29, 2024; 2:15:09 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30432

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins B Slider - Slider for your block editor allows Stored XSS.This issue affects B Slider - Slider for your block editor: from n/a through 1.1.12.

Published: March 29, 2024; 2:15:08 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30431

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hometory Mang Board WP allows Reflected XSS.This issue affects Mang Board WP: from n/a through 1.8.0.

Published: March 29, 2024; 2:15:08 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-29667

SQL Injection vulnerability in Tongtianxing Technology Co., Ltd CMSV6 v.7.31.0.2 through v.7.31.0.3 allows a remote attacker to escalate privileges and obtain sensitive information via the ids parameter.

Published: March 29, 2024; 2:15:08 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-3094

Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library.

Published: March 29, 2024; 1:15:21 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-31032

An issue in Huashi Private Cloud CDN Live Streaming Acceleration Server hgateway-sixport v.1.1.2 allows a remote attacker to execute arbitrary code via the manager/ipping.php component.

Published: March 29, 2024; 1:15:20 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30468

Cross-Site Request Forgery (CSRF) vulnerability in All In One WP Security & Firewall Team All In One WP Security & Firewall.This issue affects All In One WP Security & Firewall: from n/a through 5.2.6.

Published: March 29, 2024; 1:15:20 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30463

Missing Authorization vulnerability in realmag777 BEAR.This issue affects BEAR: from n/a through 1.1.4.3.

Published: March 29, 2024; 1:15:19 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30462

Cross-Site Request Forgery (CSRF) vulnerability in realmag777 HUSKY – Products Filter for WooCommerce (formerly WOOF).This issue affects HUSKY – Products Filter for WooCommerce (formerly WOOF): from n/a through 1.3.5.1.

Published: March 29, 2024; 1:15:19 PM -0400
V3.x:(not available)
V2.0:(not available)
CVE-2024-30460

Cross-Site Request Forgery (CSRF) vulnerability in Tumult Inc Tumult Hype Animations.This issue affects Tumult Hype Animations: from n/a through 1.9.11.

Published: March 29, 2024; 1:15:18 PM -0400
V3.x:(not available)
V2.0:(not available)