|
1051
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Tabs Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on tab descriptions. …
|
CWE-79
Cross-site Scripting
|
CVE-2024-11865
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1052
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Koalendar – Events & Appointments Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘height’ parameter in all versions up to, and including, 1.0.2 due to …
|
CWE-79
Cross-site Scripting
|
CVE-2024-11855
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1053
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Post Carousel & Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'post-cs' shortcode in all versions up to, and including, 1.0.4 due to insufficient input…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11770
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1054
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Plezi plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'plezi' shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and o…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11763
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1055
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Bukza plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bukza' shortcode in all versions up to, and including, 2.0.0 due to insufficient input sanitization and o…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11759
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1056
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The IMS Countdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown post settings in all versions up to, and including, 1.3.4 due to insufficient input sanitization …
|
CWE-79
Cross-site Scripting
|
CVE-2024-11755
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1057
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The TCBD Popover plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tcbd-popover-image ' shortcode in all versions up to, and including, 1.2 due to insufficient input…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11751
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1058
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Filestack Official plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'fstab' and 'filestack_options' parameters in all versions up to, and including, 2.0.0 due to insuf…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11462
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1059
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Visualmodo Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitizat…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11095
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1060
|
- |
|
-
|
-
|
GeoVision GV-ASManager Missing Authorization Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of GeoVision …
|
CWE-862
Missing Authorization
|
CVE-2024-12553
|
2024-12-14 08:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
