CVEs from 2024
Total
6,620
critical
critical 168
high
high 1,065
medium
medium 2,078
low
low 49
% Critical
2.5%
% with KEV
2.5%
% with exploit
3.4%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- propertyhive 5
- glibc 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-8608 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Oceanic Software ValeApp allows Stored XSS. This issue affects ValeApp: before v2.0.0. | |||
| CVE-2024-5959 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Eliz Software Panel allows Stored XSS. This issue affects Panel: before v2.3.24. | |||
| CVE-2024-37229 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AuburnForest Blogmentor – Blog Layouts for Elementor allows Stored XSS.This issue affects … | |||
| CVE-2024-37959 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Atlas Public Policy Power BI Embedded for WordPress allows Stored XSS.This issue affects P… | |||
| CVE-2024-4754 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Next4Biz CRM & BPM Software Business Process Manangement (BPM) allows Stored XSS. This issue aff… | |||
| CVE-2024-34443 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemePunch OHG Slider Revolution allows Stored XSS.This issue affects Slider Revolution: f… | |||
| CVE-2024-35167 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce allows Stored XSS.This issue affe… | |||
| CVE-2024-34816 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Revmakx WPCal.Io – Easy Meeting Scheduler.This issue affects WPCal.Io – Easy Meeting Scheduler: from n/a through 0.9.5.8. | |||
| CVE-2024-34445 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for Elementor… | |||
| CVE-2024-34436 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for Elementor… | |||
| CVE-2024-34432 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BetterAddons Better Elementor Addons better-elementor-addons allows Stored XSS.This issue affects… | |||
| CVE-2024-34547 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor alam Magical Addons For Elementor allows Stored XSS.This issue affects Magical Addons For El… | |||
| CVE-2024-34566 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Johan van der Wijk Content Blocks (Custom Post Widget) allows Stored XSS.This issue affects Conte… | |||
| CVE-2024-34562 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Element… | |||
| CVE-2024-34381 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PropertyHive allows Stored XSS.This issue affects PropertyHive: from n/a through 2.0.10. | |||
| CVE-2024-34374 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuomodoSoft ElementsReady Addons for Elementor allows Stored XSS.This issue affects ElementsReady… | |||
| CVE-2024-33588 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in codeSavory Knowledge Base documentation & wiki plugin – BasePress.This issue affects Knowledge Base documentation & wiki plugin – BasePress: from n/a through 2.… | |||
| CVE-2024-33636 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Mahesh Vora WP Page Post Widget Clone.This issue affects WP Page Post Widget Clone: from n/a through 1.0.1. | |||
| CVE-2024-33641 | medium | 5.4 | 5.4 | 2y ago | Deserialization of Untrusted Data vulnerability in Team Yoast Custom field finder.This issue affects Custom field finder: from n/a through 0.3. | |||
| CVE-2024-33634 | medium | 5.4 | 5.4 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17. | |||
| CVE-2024-33632 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17. | |||
| CVE-2024-33539 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM WPZOOM Addons for Elementor (Templates, Widgets) allows Stored XSS.This issue affects WPZO… | |||
| CVE-2024-33682 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Cookie Information A/S WP GDPR Compliance.This issue affects WP GDPR Compliance: from n/a through 2.0.23. | |||
| CVE-2024-33680 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in MainWP MainWP Child Reports.This issue affects MainWP Child Reports: from n/a through 2.1.1. | |||
| CVE-2024-33638 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Brijesh Kothari Smart Maintenance Mode.This issue affects Smart Maintenance Mode: from n/a through 1.4.4. | |||
| CVE-2024-33592 | medium | 5.4 | 5.4 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73. | |||
| CVE-2024-32721 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jegtheme Jeg Elementor Kit allows Stored XSS.This issue affects Jeg Elementor Kit: from n/a throu… | |||
| CVE-2024-32835 | medium | 5.4 | 5.4 | 2y ago | Deserialization of Untrusted Data vulnerability in WebToffee Import Export WordPress Users.This issue affects Import Export WordPress Users: from n/a through 2.5.3. | |||
| CVE-2024-32812 | medium | 5.4 | 5.4 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a through 4.0.11. | |||
| CVE-2024-32718 | medium | 5.4 | 5.4 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in Webangon The Pack Elementor.This issue affects The Pack Elementor addons: from n/a through 2.0.8.2. | |||
| CVE-2024-32580 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta Master Slider allows Stored XSS.This issue affects Master Slider: from n/a through 3.9.8. | |||
| CVE-2024-32576 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Booking Algorithms BA Book Everything allows Stored XSS.This issue affects BA Book Everything: fr… | |||
| CVE-2024-32575 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1… | |||
| CVE-2024-32572 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BdThemes Element Pack Elementor Addons allows Stored XSS.This issue affects Element Pack Elemento… | |||
| CVE-2024-32598 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Booking Algorithms BA Book Everything allows Stored XSS.This issue affects BA Book Everything: fr… | |||
| CVE-2024-32597 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Stored XSS.This issue affects WordPress Importer: from n/a… | |||
| CVE-2024-32593 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addon… | |||
| CVE-2024-32142 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Ovic Team Ovic Responsive WPBakery.This issue affects Ovic Responsive WPBakery: from n/a through 1.3.0. | |||
| CVE-2024-3931 | medium | 5.4 | 5.4 | 2y ago | A vulnerability was found in Totara LMS up to 18.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin/roles/check.php of the component User Sele… | |||
| CVE-2024-32508 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in deTheme DethemeKit For Elementor allows Stored XSS.This issue affects DethemeKit For Elementor: f… | |||
| CVE-2024-32456 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvoThemes Envo Extra allows Stored XSS.This issue affects Envo Extra: from n/a through 1.8.11. | |||
| CVE-2024-32515 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Qamar Sheeraz, Nasir Ahmad Mega Addons For Elementor.This issue affects Mega Addons For Elementor: from n/a through 1.8. | |||
| CVE-2024-32506 | medium | 5.4 | 5.4 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73. | |||
| CVE-2024-32557 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Exclusive Addons Exclusive Addons Elementor allows Stored XSS.This issue affects Exclusive Addons… | |||
| CVE-2024-31389 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Ertano MihanPanel.This issue affects MihanPanel: from n/a before 12.7. | |||
| CVE-2024-31933 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Live Composer Team Page Builder: Live Composer.This issue affects Page Builder: Live Composer: from n/a through 1.5.35. | |||
| CVE-2024-31434 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Stefano Lissa & The Newsletter Team Newsletter.This issue affects Newsletter: from n/a through 8.0.6. | |||
| CVE-2024-31425 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in TMS Amelia.This issue affects Amelia: from n/a through 1.0.95. | |||
| CVE-2024-32103 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Siteimprove.This issue affects Siteimprove: from n/a through 2.0.6. | |||
| CVE-2024-32097 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Eyal Fitoussi GEO my WordPress.This issue affects GEO my WordPress: from n/a through 4.1. | |||
| CVE-2024-32096 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in DAEV.Tech WP Migration Plugin DB & Files – WP Synchro.This issue affects WP Migration Plugin DB & Files – WP Synchro: from n/a through 1.11.2. | |||
| CVE-2024-32093 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Nose Graze Novelist.This issue affects Novelist: from n/a through 1.2.2. | |||
| CVE-2024-32092 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Michael Bester Kimili Flash Embed.This issue affects Kimili Flash Embed: from n/a through 2.5.3. | |||
| CVE-2024-31941 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in CodePeople CP Media Player.This issue affects CP Media Player: from n/a through 1.1.3. | |||
| CVE-2024-32452 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in WP EasyCart.This issue affects WP EasyCart: from n/a through 5.5.19. | |||
| CVE-2024-32449 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in MagniGenie RestroPress.This issue affects RestroPress: from n/a through 3.1.2. | |||
| CVE-2024-32446 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet System for WooCommerce.This issue affects Wallet System for WooCommerce: from n/a through 2.5.9. | |||
| CVE-2024-32147 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Form Plugin Team - GhozyLab Easy Contact Form Lite allows Stored XSS.This issue affects Easy Cont… | |||
| CVE-2024-31279 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Catch Plugins Generate Child Theme.This issue affects Generate Child Theme: from n/a through 2.0. | |||
| CVE-2024-31263 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in aerin Loan Repayment Calculator and Application Form.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.4. | |||
| CVE-2024-31262 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Jcodex WooCommerce Checkout Field Editor (Checkout Manager).This issue affects WooCommerce Checkout Field Editor (Checkout Manager): from n/a throug… | |||
| CVE-2024-31936 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in AyeCode Ltd UsersWP.This issue affects UsersWP: from n/a before 1.2.6. | |||
| CVE-2024-27970 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in BogdanFix WP SendFox.This issue affects WP SendFox: from n/a through 1.3.0. | |||
| CVE-2024-25922 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Peach Payments Peach Payments Gateway.This issue affects Peach Payments Gateway: from n/a through 3.1.9. | |||
| CVE-2024-25907 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in JoomUnited WP Media folder.This issue affects WP Media folder: from n/a through 5.7.2. | |||
| CVE-2024-31369 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2. | |||
| CVE-2024-31375 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Saleswonder Team: Tobias WP2LEADS wp2leads.This issue affects WP2LEADS: from n/a through <= 3.2.7. | |||
| CVE-2024-31349 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch MailMunch – Grow your Email List allows Stored XSS.This issue affects MailMunch – Grow … | |||
| CVE-2024-31306 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Stored XSS.This issue affects Essential Blocks … | |||
| CVE-2024-31296 | medium | 5.4 | 5.4 | 2y ago | Authorization Bypass Through User-Controlled Key vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.81. | |||
| CVE-2024-31236 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons allows Stored XSS.This issue affects Royal Elementor Addons: from… | |||
| CVE-2024-30530 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Stored XSS.This issue a… | |||
| CVE-2024-30524 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RedLettuce Plugins PDF Viewer for Elementor allows Stored XSS.This issue affects PDF Viewer for E… | |||
| CVE-2024-31120 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Stored XSS.This issue affects Responsive … | |||
| CVE-2024-31100 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Festi-Team Popup Cart Lite for WooCommerce.This issue affects Popup Cart Lite for WooCommerce: from n/a through 1.1. | |||
| CVE-2024-30442 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a thr… | |||
| CVE-2024-30453 | medium | 5.4 | 5.4 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in Brave Brave Popup Builder.This issue affects Brave Popup Builder: from n/a through 0.6.5. | |||
| CVE-2024-30446 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks Forms allows Stored XSS.This issue affects CRM Perks Forms: from n/a through … | |||
| CVE-2024-30521 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Landingi Landingi Landing Pages.This issue affects Landingi Landing Pages: from n/a through 3.1.1. | |||
| CVE-2024-30429 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hans Matzen allows Stored XSS.This issue affects wp-forecast: from n/a through 9.2. | |||
| CVE-2024-30426 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HashThemes Hash Elements allows Stored XSS.This issue affects Hash Elements: from n/a through 1.3… | |||
| CVE-2024-30423 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BetterAddons Better Elementor Addons allows Stored XSS.This issue affects Better Elementor Addons… | |||
| CVE-2024-30520 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Labib Ahmed Carousel Anything For WPBakery Page Builder allows Stored XSS.This issue affects Caro… | |||
| CVE-2024-30519 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lordicon Lordicon Animated Icons allows Stored XSS.This issue affects Lordicon Animated Icons: fr… | |||
| CVE-2024-30483 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simple Sponsorships Sponsors allows Stored XSS.This issue affects Sponsors: from n/a through 3.5.… | |||
| CVE-2024-28003 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Megamenu Max Mega Menu.This issue affects Max Mega Menu: from n/a through 3.3. | |||
| CVE-2024-23515 | medium | 5.4 | 5.4 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Cincopa Post Video Players.This issue affects Post Video Players: from n/a through 1.159. | |||
| CVE-2024-29812 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ReviewX allows Stored XSS.This issue affects ReviewX: from n/a through 1.6.22. | |||
| CVE-2024-29811 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftLab Radio Player allows Stored XSS.This issue affects Radio Player: from n/a through 2.0.73. | |||
| CVE-2024-29807 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DearHive DearFlip allows Stored XSS.This issue affects DearFlip: from n/a through 2.2.26. | |||
| CVE-2024-29804 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Heateor Fancy Comments WordPress allows Stored XSS.This issue affects Fancy Comments WordPre… | |||
| CVE-2024-29796 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hot Themes Hot Random Image allows Stored XSS.This issue affects Hot Random Image: from n/a throu… | |||
| CVE-2024-29793 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch MailChimp Forms by MailMunch allows Stored XSS.This issue affects MailChimp Forms by Ma… | |||
| CVE-2024-30186 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BdThemes Prime Slider – Addons For Elementor allows Stored XSS.This issue affects Prime Slider – … | |||
| CVE-2024-30185 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BdThemes Element Pack Elementor Addons allows Stored XSS.This issue affects Element Pack Elemento… | |||
| CVE-2024-30179 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a thr… | |||
| CVE-2024-30177 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Exclusive Addons Exclusive Addons Elementor allows Stored XSS.This issue affects Exclusive Addons… | |||
| CVE-2024-29935 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SinaExtra Sina Extension for Elementor allows Stored XSS.This issue affects Sina Extension for El… | |||
| CVE-2024-29932 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Stored XSS.This issue affects … | |||
| CVE-2024-29927 | medium | 5.4 | 5.4 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasTheme WishSuite allows Stored XSS.This issue affects WishSuite: from n/a through 1.3.7. |