211
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The YML for Yandex Market plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 4.7.2 due to insufficient input sanitizat…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9378
|
2024-10-2 18:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
212
|
- |
|
-
|
-
|
The BerqWP – Automated All-In-One PageSpeed Optimization Plugin for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via t…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9344
|
2024-10-2 18:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
213
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the us…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9218
|
2024-10-2 18:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
214
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The SEOPress – On-site SEO plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versi…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9225
|
2024-10-2 17:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
215
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_a…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9222
|
2024-10-2 17:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
216
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and in…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9210
|
2024-10-2 17:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
217
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Demo Importer Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0.1 due to insufficient input sanitization and ou…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9172
|
2024-10-2 17:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
218
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The PWA — easy way to Progressive Web App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input …
New
|
-
|
CVE-2024-8967
|
2024-10-2 17:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
219
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-8800
|
2024-10-2 17:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
220
|
5.4 |
MEDIUM
Network
|
-
|
-
|
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up …
New
|
CWE-94
Code Injection
|
CVE-2024-8254
|
2024-10-2 16:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|