|
311981
|
5.4 |
MEDIUM
Network
|
prontotools
|
login_logout_shortcode
|
The Login Logout Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitizati…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9421
|
2024-10-11 05:59 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311982
|
5.4 |
MEDIUM
Network
|
acekyd
|
display_medium_posts
|
The Display Medium Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's display_medium_posts shortcode in all versions up to, and including, 5.0.1 due to insuffici…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9445
|
2024-10-11 05:58 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311983
|
5.4 |
MEDIUM
Network
|
davidartiss
|
code_embed
|
The Code Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's script embed functionality in all versions up to, and including, 2.4 due to insufficient restrictions…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8804
|
2024-10-11 05:56 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311984
|
6.1 |
MEDIUM
Network
|
wpfactory
|
quantity_dynamic_pricing_\&_bulk_discounts_for_woocommerce
|
The Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9384
|
2024-10-11 05:52 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311985
|
6.1 |
MEDIUM
Network
|
techbanker
|
captcha_bank
|
The WordPress Captcha Plugin by Captcha Bank plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versio…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9375
|
2024-10-11 05:44 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311986
|
5.4 |
MEDIUM
Network
|
wpblockshub
|
wp_blocks_hub
|
The WP Blocks Hub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9372
|
2024-10-11 05:36 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311987
|
5.4 |
MEDIUM
Network
|
miguelmello
|
aggregator_advanced_settings
|
The Aggregator Advanced Settings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitizat…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9368
|
2024-10-11 05:30 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311988
|
6.1 |
MEDIUM
Network
|
michaeluno
|
auto_amazon_links
|
The Auto Amazon Links – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9349
|
2024-10-11 05:25 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311989
|
9.8 |
CRITICAL
Network
|
dlink
|
dir-860l_firmware
|
In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can caus…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-42812
|
2024-10-11 05:18 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311990
|
6.1 |
MEDIUM
Network
|
angeljudesuarez
|
placement_management_system
|
itsourcecode Placement Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Full Name field in registration.php.
|
CWE-79
Cross-site Scripting
|
CVE-2024-46300
|
2024-10-11 03:52 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
