|
2071
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Spoki – Chat Buttons and WooCommerce Notifications plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spoki_button' shortcode in all versions up to, and including…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11893
|
2024-12-20 16:15 |
2024-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2072
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Category Post Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'category-post-slider' shortcode in all versions up to, and including, 1.4 due to insuffici…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11878
|
2024-12-20 16:15 |
2024-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2073
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Wtyczka SeoPilot dla WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.3.091. This is due to missing or incorrect nonce validation on the…
|
CWE-352
Origin Validation Error
|
CVE-2024-11812
|
2024-12-20 16:15 |
2024-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2074
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The PKT1 Centro de envios plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'success' and 'error' parameters in all versions up to, and including, 1.2.1 due to insufficient…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11806
|
2024-12-20 16:15 |
2024-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2075
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Sell Tickets Online – TicketSource Ticket Shop for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ticketshop' shortcode in all versions up to, and i…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11784
|
2024-12-20 16:15 |
2024-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2076
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Financial Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'finance_calculator' shortcode in all versions up to, and including, 2.2.1 due to insuffici…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11783
|
2024-12-20 16:15 |
2024-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2077
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Particle Background plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'particleground' shortcode in all versions up to, and including, 1.0.2 due to insufficient i…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11775
|
2024-12-20 16:15 |
2024-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2078
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Outdooractive Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'list2go' shortcode in all versions up to, and including, 1.5 due to insufficient input sani…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11774
|
2024-12-20 16:15 |
2024-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2079
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Spotlightr plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spotlightr-v' shortcode in all versions up to, and including, 0.1.9 due to insufficient input saniti…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11411
|
2024-12-20 16:15 |
2024-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2080
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The ??????? ??????? ??????? ???? ???? plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL i…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11331
|
2024-12-20 16:15 |
2024-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
