611
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the us…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9218
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
612
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The SEOPress – On-site SEO plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9225
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
613
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_a…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9222
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
614
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and in…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9210
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
615
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Demo Importer Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0.1 due to insufficient input sanitization and ou…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9172
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
616
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The PWA — easy way to Progressive Web App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input …
|
-
|
CVE-2024-8967
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
617
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8800
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
618
|
5.4 |
MEDIUM
Network
|
-
|
-
|
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up …
|
CWE-94
Code Injection
|
CVE-2024-8254
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
619
|
- |
|
-
|
-
|
Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated user to access limited amount of documents via incorrect access control list calculation
|
-
|
CVE-2024-9333
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
620
|
- |
|
-
|
-
|
Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows authenticated user to spoof UI
|
-
|
CVE-2024-9174
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|