361
|
- |
|
-
|
-
|
The Add Widget After Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.4.6 due to insufficient input sanitization an…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9892
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
362
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Product Customizer Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization …
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9848
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
363
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Branding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escapin…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9452
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
364
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Parcel Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'action' parameter in all versions up to, and including, 1.8.4 due to insufficient input sanitization and o…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9383
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
365
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Gantry 4 Framework plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'override_id' parameter in all versions up to, and including, 4.1.21 due to insufficient input sani…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9382
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
366
|
- |
|
-
|
-
|
The Elemenda plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 0.0.2 due to insufficient input sanitization and output escap…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9373
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
367
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Easy Menu Manager | WPZest plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.1 due to insufficient input sanitizatio…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9366
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
368
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wp_mailplus_clear_logs' function in all versions up to, and includ…
New
|
CWE-862
Missing Authorization
|
CVE-2024-9364
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
369
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Bulk images optimizer: Resize, optimize, convert to webp, rename … plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_configura…
New
|
-
|
CVE-2024-9361
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
370
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The DPD Baltic Shipping plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search_value' parameter in all versions up to, and including, 1.2.83 due to insufficient input sa…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9350
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|