811
|
- |
|
-
|
-
|
The GF Custom Style plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0 due to insufficient input sanitization and output …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9173
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
812
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘alignment’ parameter in all versions up to, and including, 3.0.0 due to insufficient input sanitizati…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9127
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
813
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The king_IE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9125
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
814
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Mapplic Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output esc…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9117
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
815
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Common Tools for Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitization and…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9115
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
816
|
7.2 |
HIGH
Network
-
|
-
|
The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a spoofed HTTP Header value in versions up to, and including, 1.0 due to insufficient input sanitization a…
|
CWE-79
Cross-site Scripting
|
CVE-2022-4541
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
817
|
- |
|
-
|
-
|
Power Platform Terraform Provider allows managing environments and other resources within Power Platform. Versions prior to 3.0.0 have an issue in the Power Platform Terraform Provider where sensitiv…
|
-
|
CVE-2024-47083
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
818
|
- |
|
-
|
-
|
Cross Site Scripting vulnerability in ZKTeco WDMS v.5.1.3 Pro allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the Emp Name parameter.
|
-
|
CVE-2023-51157
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
819
|
- |
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in GiveWP.This issue affects GiveWP: from n/a through 3.15.1.
|
-
|
CVE-2024-47315
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
820
|
- |
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in Dnesscarkey Use Any Font allows Cross Site Request Forgery.This issue affects Use Any Font: from n/a through 6.3.08.
|
CWE-352
Origin Validation Error
|
CVE-2024-47305
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|