|
401
|
7.3 |
HIGH
Network
-
|
-
|
The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.5.4.4. This is due to the software allowing users t…
New
|
CWE-94
Code Injection
|
CVE-2024-10263
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
402
|
5.4 |
MEDIUM
Network
|
-
|
-
|
The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Open Map Widget'…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9867
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
403
|
6.5 |
MEDIUM
Network
|
-
|
-
|
The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip' paramet…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9657
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
404
|
- |
|
-
|
-
|
LaunchAnywhere vulnerability in the account module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
New
|
-
|
CVE-2024-51530
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
405
|
- |
|
-
|
-
|
Data verification vulnerability in the battery module
Impact: Successful exploitation of this vulnerability may affect function stability.
New
|
-
|
CVE-2024-51529
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
406
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The XT Floating Cart for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.8.2 due to insufficient input sanit…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9178
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
407
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the render function in widgets…
New
|
CWE-200
Information Exposure
|
CVE-2024-10319
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
408
|
- |
|
-
|
-
|
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.8.30 due to ins…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9878
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
409
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Zotpress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Zotpress_process_accounts_AJAX function in all versions up to, and includ…
New
|
-
|
CVE-2024-7429
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
410
|
- |
|
-
|
-
|
Vulnerability of improper log printing in the Super Home Screen module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
New
|
-
|
CVE-2024-51528
|
2024-11-6 01:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
