Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-32603 |
Deserialization of Untrusted Data vulnerability in ThemeKraft WooBuddy.This issue affects WooBuddy: from n/a through 3.4.20. Published: April 18, 2024; 5:15:15 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32601 |
Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Popup Anything.This issue affects Popup Anything: from n/a through 2.8. Published: April 18, 2024; 5:15:15 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32599 |
Improper Control of Generation of Code ('Code Injection') vulnerability in Deepak anand WP Dummy Content Generator.This issue affects WP Dummy Content Generator: from n/a through 3.2.1. Published: April 18, 2024; 5:15:14 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32598 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Booking Algorithms BA Book Everything allows Stored XSS.This issue affects BA Book Everything: from n/a through 1.6.8. Published: April 18, 2024; 5:15:14 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32597 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Stored XSS.This issue affects WordPress Importer: from n/a through 1.0.7. Published: April 18, 2024; 5:15:14 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32596 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eric-Oliver Mächler DSGVO Youtube allows Stored XSS.This issue affects DSGVO Youtube: from n/a through 1.4.5. Published: April 18, 2024; 5:15:14 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32595 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mat Bao Corp WP Helper Premium allows Reflected XSS.This issue affects WP Helper Premium: from n/a before 4.6.0. Published: April 18, 2024; 5:15:13 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32594 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AttesaWP Attesa Extra allows Stored XSS.This issue affects Attesa Extra: from n/a through 1.3.9. Published: April 18, 2024; 5:15:13 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32593 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through 1.3.4.2. Published: April 18, 2024; 5:15:13 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32592 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VoidCoders, innovs Void Elementor WHMCS Elements For Elementor Page Builder allows Stored XSS.This issue affects Void Elementor WHMCS Elements For Elementor Page Builder: from n/a through 2.0. Published: April 18, 2024; 5:15:13 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32591 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniele De Rosa Backend Designer allows Stored XSS.This issue affects Backend Designer: from n/a through 1.3. Published: April 18, 2024; 5:15:12 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32590 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webfood Kattene allows Stored XSS.This issue affects Kattene: from n/a through 1.7. Published: April 18, 2024; 5:15:12 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32588 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress Export Import allows Reflected XSS.This issue affects LearnPress Export Import: from n/a through 4.0.3. Published: April 18, 2024; 5:15:12 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32587 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvialoSimple EnvíaloSimple allows Reflected XSS.This issue affects EnvíaloSimple: from n/a through 2.2. Published: April 18, 2024; 5:15:12 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29001 |
A SolarWinds Platform SWQL Injection Vulnerability was identified in the user interface. This vulnerability requires authentication and user interaction to be exploited. Published: April 18, 2024; 5:15:11 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28076 |
The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability. A potential attacker can redirect to different domain when using URL parameter with relative entry in the correct format Published: April 18, 2024; 5:15:11 AM -0400 |
V3.1: 7.0 HIGH V2.0:(not available) |
CVE-2023-41864 |
Cross-Site Request Forgery (CSRF) vulnerability in Pepro Dev. Group PeproDev CF7 Database.This issue affects PeproDev CF7 Database: from n/a through 1.8.0. Published: April 18, 2024; 5:15:11 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32142 |
Missing Authorization vulnerability in Ovic Team Ovic Responsive WPBakery.This issue affects Ovic Responsive WPBakery: from n/a through 1.3.0. Published: April 18, 2024; 4:15:38 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31869 |
Airflow versions 2.7.0 through 2.8.4 have a vulnerability that allows an authenticated user to see sensitive provider configuration via the "configuration" UI page when "non-sensitive-only" was set as "webserver.expose_config" configuration (The celery provider is the only community provider currently that has sensitive configurations). You should migrate to Airflow 2.9 or change your "expose_config" configuration to False as a workaround. This is similar, but different to CVE-2023-46288 https://github.com/advisories/GHSA-9qqg-mh7c-chfq which concerned API, not UI configuration page. Published: April 18, 2024; 4:15:38 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-49742 |
Missing Authorization vulnerability in Support Genix.This issue affects Support Genix: from n/a through 1.2.3. Published: April 18, 2024; 4:15:37 AM -0400 |
V3.x:(not available) V2.0:(not available) |