451
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Product Customizer Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization …
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9848
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
452
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Branding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escapin…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9452
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
453
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Parcel Pro plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'action' parameter in all versions up to, and including, 1.8.4 due to insufficient input sanitization and o…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9383
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
454
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Gantry 4 Framework plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'override_id' parameter in all versions up to, and including, 4.1.21 due to insufficient input sani…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9382
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
455
|
- |
|
-
|
-
|
The Elemenda plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 0.0.2 due to insufficient input sanitization and output escap…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9373
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
456
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Easy Menu Manager | WPZest plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.1 due to insufficient input sanitizatio…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9366
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
457
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The SendGrid for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wp_mailplus_clear_logs' function in all versions up to, and includ…
New
|
CWE-862
Missing Authorization
|
CVE-2024-9364
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
458
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Bulk images optimizer: Resize, optimize, convert to webp, rename … plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_configura…
New
|
-
|
CVE-2024-9361
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
459
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The DPD Baltic Shipping plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search_value' parameter in all versions up to, and including, 1.2.83 due to insufficient input sa…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9350
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
460
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Suki Sites Import plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitization and out…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-8916
|
2024-10-18 14:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|