|
191
|
8.1 |
HIGH
Network
|
aakashbhagat
|
single_user_chat
|
The Single-user-chat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to insufficient validation on the 'single_user_chat_update_login'…
|
NVD-CWE-noinfo
|
CVE-2024-13646
|
2025-02-1 03:19 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
192
|
6.1 |
MEDIUM
Network
|
stageshow_project
|
stageshow
|
The StageShow plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 9.8…
|
CWE-79
Cross-site Scripting
|
CVE-2024-13705
|
2025-02-1 03:17 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
193
|
6.5 |
MEDIUM
Network
|
modalsurvey
|
wordpress_survey_and_poll
|
The WordPress Survey & Poll – Quiz, Survey and Poll Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'id' attribute of the 'survey' shortcode in all versions up to, an…
|
CWE-89
SQL Injection
|
CVE-2024-13596
|
2025-02-1 03:16 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194
|
8.1 |
HIGH
Network
|
ivanm
|
wp_image_uploader
|
The WP Image Uploader plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the gky_ima…
|
CWE-352
Origin Validation Error
|
CVE-2024-13707
|
2025-02-1 03:12 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195
|
5.4 |
MEDIUM
Network
|
areoi
|
all_bootstrap_blocks
|
The All Bootstrap Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the "Accordion" widget in all versions up to, and including, 1.3.26 due to insufficient input sanitizati…
|
CWE-79
Cross-site Scripting
|
CVE-2024-13549
|
2025-02-1 03:10 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196
|
5.4 |
MEDIUM
Network
|
wptableeditor
|
table_editor
|
The Table Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wptableeditor_vtabs' shortcode in all versions up to, and including, 1.5.1 due to insufficient inp…
|
CWE-79
Cross-site Scripting
|
CVE-2024-13661
|
2025-02-1 03:08 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197
|
5.4 |
MEDIUM
Network
|
wonderjarcreative
|
wonder_fontawesome
|
The Wonder FontAwesome plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.8. This is due to missing or incorrect nonce validation on one of its f…
|
CWE-352
Origin Validation Error
|
CVE-2024-13512
|
2025-02-1 03:08 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198
|
5.4 |
MEDIUM
Network
|
wordpresteem
|
we_-_testimonial_slide
|
The WE – Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Testimonial Author Names in all versions up to, and including, 1.5 due to insufficient input sanitiza…
|
CWE-79
Cross-site Scripting
|
CVE-2024-13460
|
2025-02-1 03:07 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199
|
5.4 |
MEDIUM
Network
|
gubbigubbi
|
kona_gallery_block
|
The Kona Gallery Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the "Kona: Instagram for Gutenberg" Block, specifically in the "align" attribute, in all versions up to, a…
|
CWE-79
Cross-site Scripting
|
CVE-2024-13400
|
2025-02-1 03:02 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200
|
5.4 |
MEDIUM
Network
|
wpbean
|
wp_post_list_table
|
The WP Post List Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpb_post_list_table' shortcode in all versions up to, and including, 1.0.3 due to insufficie…
|
CWE-79
Cross-site Scripting
|
CVE-2024-13664
|
2025-02-1 02:58 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
