571
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_ar…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-8793
|
2024-10-1 18:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
572
|
- |
|
-
|
-
|
The Auto Featured Image from Title plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, …
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-8786
|
2024-10-1 18:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
573
|
5.3 |
MEDIUM
Network
-
|
-
|
The Spice Starter Sites plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the spice_starter_sites_importer_creater function in all versions …
New
|
CWE-862
Missing Authorization
|
CVE-2024-8430
|
2024-10-1 18:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
574
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The XO Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘get_slider’ function in all versions up to, and including, 3.8.6 due to insufficient input sanitization and ou…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-8324
|
2024-10-1 18:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
575
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Guten Post Layout – An Advanced Post Grid Collection for WordPress Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:guten-post-…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-8288
|
2024-10-1 18:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
576
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The LocateAndFilter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.14 due to insufficient input sanitization and outp…
New
|
-
|
CVE-2024-9304
|
2024-10-1 17:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
577
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Elastik Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 0.27.4 due to insufficient input sanitization and…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9274
|
2024-10-1 17:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
578
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The R Animated Icon Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and …
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9272
|
2024-10-1 17:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
579
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Relogo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 0.4.2 due to insufficient input sanitization and output escapin…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9269
|
2024-10-1 17:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
580
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Easy WordPress Subscribe – Optin Hound plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9267
|
2024-10-1 17:15 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|