661
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The WordPress Captcha Plugin by Captcha Bank plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versio…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9375
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
662
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The WP Blocks Hub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9372
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
663
|
- |
|
-
|
-
|
The Aggregator Advanced Settings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitizat…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9368
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
664
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Popularis Extra plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9353
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
665
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Auto Amazon Links – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9349
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
666
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Product Delivery Date for WooCommerce – Lite plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all ve…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9345
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
667
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Fish and Ships – Most flexible shipping table rate. A WooCommerce shipping rate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without approp…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9237
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
668
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Smart Custom 404 Error Page plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_SERVER['REQUEST_URI'] in all versions up to, and including, 11.4.7 due to insufficient input…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9204
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
669
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Clio Grow plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.0.2.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8802
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
670
|
5.3 |
MEDIUM
Network
-
|
-
|
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up …
|
-
|
CVE-2024-8520
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|