971
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Post Carousel & Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'post-cs' shortcode in all versions up to, and including, 1.0.4 due to insufficient input…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11770
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
972
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Plezi plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'plezi' shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and o…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11763
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
973
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Bukza plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bukza' shortcode in all versions up to, and including, 2.0.0 due to insufficient input sanitization and o…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11759
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
974
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The IMS Countdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown post settings in all versions up to, and including, 1.3.4 due to insufficient input sanitization …
|
CWE-79
Cross-site Scripting
|
CVE-2024-11755
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
975
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The TCBD Popover plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tcbd-popover-image ' shortcode in all versions up to, and including, 1.2 due to insufficient input…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11751
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
976
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Filestack Official plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'fstab' and 'filestack_options' parameters in all versions up to, and including, 2.0.0 due to insuf…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11462
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
977
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Visualmodo Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitizat…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11095
|
2024-12-14 14:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
978
|
- |
|
-
|
-
|
GeoVision GV-ASManager Missing Authorization Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of GeoVision …
|
CWE-862
Missing Authorization
|
CVE-2024-12553
|
2024-12-14 08:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
979
|
- |
|
-
|
-
|
Wacom Center WTabletServicePro Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Center. An …
|
CWE-59
Link Following
|
CVE-2024-12552
|
2024-12-14 08:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
980
|
- |
|
-
|
-
|
Playloom Engine is an open-source, high-performance game development engine. Engine Beta v0.0.1 has a security vulnerability related to data storage, specifically when using the collaboration feature…
|
CWE-200
Information Exposure
|
CVE-2024-55946
|
2024-12-14 06:15 |
2024-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|