681
|
- |
|
-
|
-
|
Vulnerability in Clibo Manager v1.1.9.1 that could allow an attacker to execute an stored Cross-Site Scripting (stored XSS ) by uploading a malicious .svg image in the section: Profile > Profile pict…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9198
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
682
|
- |
|
-
|
-
|
The GF Custom Style plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0 due to insufficient input sanitization and output …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9173
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
683
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘alignment’ parameter in all versions up to, and including, 3.0.0 due to insufficient input sanitizati…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9127
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
684
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The king_IE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9125
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
685
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Mapplic Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output esc…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9117
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
686
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Common Tools for Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitization and…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9115
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
687
|
7.2 |
HIGH
Network
-
|
-
|
The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a spoofed HTTP Header value in versions up to, and including, 1.0 due to insufficient input sanitization a…
|
CWE-79
Cross-site Scripting
|
CVE-2022-4541
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
688
|
- |
|
-
|
-
|
Power Platform Terraform Provider allows managing environments and other resources within Power Platform. Versions prior to 3.0.0 have an issue in the Power Platform Terraform Provider where sensitiv…
|
-
|
CVE-2024-47083
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
689
|
- |
|
-
|
-
|
Cross Site Scripting vulnerability in ZKTeco WDMS v.5.1.3 Pro allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the Emp Name parameter.
|
-
|
CVE-2023-51157
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
690
|
- |
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in GiveWP.This issue affects GiveWP: from n/a through 3.15.1.
|
-
|
CVE-2024-47315
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|