521
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the us…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9218
|
2024-10-2 18:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
522
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The SEOPress – On-site SEO plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versi…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9225
|
2024-10-2 17:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
523
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_a…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9222
|
2024-10-2 17:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
524
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The MC4WP: Mailchimp Top Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and in…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9210
|
2024-10-2 17:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
525
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Demo Importer Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0.1 due to insufficient input sanitization and ou…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9172
|
2024-10-2 17:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
526
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The PWA — easy way to Progressive Web App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input …
New
|
-
|
CVE-2024-8967
|
2024-10-2 17:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
527
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The RabbitLoader – Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-8800
|
2024-10-2 17:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
528
|
5.4 |
MEDIUM
Network
|
-
|
-
|
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up …
New
|
CWE-94
Code Injection
|
CVE-2024-8254
|
2024-10-2 16:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
529
|
- |
|
-
|
-
|
Permissions bypass in M-Files Connector for Copilot before version 24.9.3 allows authenticated user to access limited amount of documents via incorrect access control list calculation
New
|
-
|
CVE-2024-9333
|
2024-10-2 15:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
530
|
- |
|
-
|
-
|
Stored HTML Injection in Social Module in M-Files Hubshare before version 5.0.8.6 allows authenticated user to spoof UI
New
|
-
|
CVE-2024-9174
|
2024-10-2 15:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|