CVEs from 2024
Total
6,592
critical
critical 174
high
high 1,069
medium
medium 2,083
low
low 49
% Critical
2.6%
% with KEV
2.5%
% with exploit
3.4%
Top products
- mbed_tls 15
- operations_analytics_log_analysis 14
- surveillance_station 12
- checkmk 10
- office 8
- profilegrid 8
- office_long_term_servicing_channel 6
- propertyhive 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-11319 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in django CMS Association django-cms allows Cross-Site Scripting (XSS). This issue affects d… | |||
| CVE-2024-24859 | medium | 4.8 | 4.8 | 2y ago | A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service. | |||
| CVE-2024-51685 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Gangolf Accordion title for Elementor allows Stored XSS.This issue affects Accordi… | |||
| CVE-2024-37449 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a through 6.… | |||
| CVE-2024-35768 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LiveComposer Page Builder: Live Composer live-composer-page-builder allows DOM-Based XSS.This iss… | |||
| CVE-2024-35769 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in John West Slideshow SE allows Stored XSS.This issue affects Slideshow SE: from n/a through… | |||
| CVE-2024-35751 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Creative Motion, Will Bontrager Software, LLC Woody ad snippets allows Stored XSS.This iss… | |||
| CVE-2024-34811 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP SMS allows Stored XSS.This issue affects WP SMS: from n/a through 6.5.1. | |||
| CVE-2024-34437 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Stored XSS.This issue affects Form Maker by 10… | |||
| CVE-2024-34558 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF allows Stored XSS.This issue affects WOLF: from n/a through 1.0.8.2. | |||
| CVE-2024-34570 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS.This issue affects Xpro Elementor Addons: from n/a t… | |||
| CVE-2024-33639 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AccessAlly PopupAlly allows Stored XSS.This issue affects PopupAlly: from n/a through 2.1.1. | |||
| CVE-2024-32584 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StandaloneTech TeraWallet – For WooCommerce allows Stored XSS.This issue affects TeraWallet – For… | |||
| CVE-2024-32534 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Stored XSS.This issue affects Form Maker by 10… | |||
| CVE-2024-32453 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POEditor allows Stored XSS.This issue affects POEditor: from n/a through 0.9.8. | |||
| CVE-2024-32429 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPChill Remove Footer Credit allows Stored XSS.This issue affects Remove Footer Credit: from n/a … | |||
| CVE-2024-32428 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moss Web Works MWW Disclaimer Buttons allows Stored XSS.This issue affects MWW Disclaimer Buttons… | |||
| CVE-2024-30549 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cimatti Contact Forms by Cimatti contact-forms.This issue affects Contact Forms by Cimatti: from … | |||
| CVE-2024-30430 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Email Newsletter Team - FluentCRM Fluent CRM allows Stored XSS.This issue affects Fluent CRM: … | |||
| CVE-2024-29776 | medium | 4.8 | 4.8 | 2y ago | Cross Site Scripting (XSS) vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n/a through 3.3.9. | |||
| CVE-2024-2578 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPCoder WP Coder allows Stored XSS.This issue affects WP Coder: from n/a through 3.5. | |||
| CVE-2024-27996 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Survey Maker team Survey Maker allows Stored XSS.This issue affects Survey Maker: from n/a throug… | |||
| CVE-2024-29112 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Marketing Robot WooCommerce Google Feed Manager allows Stored XSS.This issue affects WooCommer… | |||
| CVE-2024-25596 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Doofinder Doofinder for WooCommerce allows Stored XSS.This issue affects Doofinder for WooCommerc… | |||
| CVE-2024-25592 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPMU DEV Broken Link Checker allows Stored XSS.This issue affects Broken Link Checker: from n/a t… | |||
| CVE-2024-25101 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in yonifre Maspik – Spam Blacklist allows Stored XSS.This issue affects Maspik – Spam Blacklist: fro… | |||
| CVE-2024-23501 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shopfiles Ltd Ebook Store allows Stored XSS.This issue affects Ebook Store: from n/a through 5.78… | |||
| CVE-2024-1434 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jordy Meow Media Alt Renamer allows Stored XSS.This issue affects Media Alt Renamer: from n/a thr… | |||
| CVE-2024-24717 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mark Kinchin Beds24 Online Booking allows Stored XSS.This issue affects Beds24 Online Booking: fr… | |||
| CVE-2024-24834 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net a… | |||
| CVE-2024-24841 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dan's Art Add Customer for WooCommerce allows Stored XSS.This issue affects Add Customer for WooC… | |||
| CVE-2024-22153 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood & Alexandre Faustino Stock Locations for WooCommerce allows Stored XSS.This issue a… | |||
| CVE-2024-22161 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Harmonic Design HD Quiz allows Stored XSS.This issue affects HD Quiz: from n/a through 1.8.11. | |||
| CVE-2024-22306 | medium | 4.8 | 4.8 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hometory Mang Board WP allows Stored XSS.This issue affects Mang Board WP: from n/a through 1.7.7. | |||
| CVE-2024-13073 | medium | 4.7 | 4.7 | 9mo ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft TaskPano allows Cross-Site Scripting (XSS). This issue affects TaskPano: s1.06.0… | |||
| CVE-2024-12973 | medium | 4.7 | 4.7 | 9mo ago | Origin Validation Error vulnerability in Akinsoft OctoCloud allows HTTP Response Splitting, CAPEC - 87 - Forceful Browsing. This issue affects OctoCloud: from s1.09.01 before v1.11.01. | |||
| CVE-2024-47660 | medium | 4.7 | 4.7 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENT_WATCHED flags lazily In some setups directories can have many (usually negative) dentries. Hence __fsnotif… | |||
| CVE-2024-50006 | medium | 4.7 | 4.7 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate() Fuzzing reports a possible deadlock in jbd2_log_wait_commit. This issue … | |||
| CVE-2024-53124 | medium | 4.7 | 4.7 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk->sk_forward_alloc Syzkaller reported this warning: ------------[ cut here ]------------ WARNING: … | |||
| CVE-2024-57913 | medium | 4.7 | 4.7 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Remove WARN_ON in functionfs_bind This commit addresses an issue related to below kernel panic where panic_on_… | |||
| CVE-2024-46679 | medium | 4.7 | 4.7 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings A sysfs reader can race with a device reset or removal, attempting to… | |||
| CVE-2024-38596 | medium | 4.7 | 4.7 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg A data-race condition has been identified in af_unix. In one dat… | |||
| CVE-2024-26861 | medium | 4.7 | 4.7 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wireguard: receive: annotate data-race around receiving_counter.counter Syzkaller with KCSAN identified a data-race issue when ac… | |||
| CVE-2024-26878 | medium | 4.7 | 4.7 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference Below race may cause NULL pointer dereference P1 P2 dquot_free_inode quota_o… | |||
| CVE-2024-41005 | medium | 4.7 | 4.7 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-26923 | medium | 4.7 | 4.7 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-50010 | medium | 4.7 | 4.7 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: exec: don't WARN for racy path_noexec check Both i_mode and noexec checks wrapped in WARN_ON stem from an artifact of the previou… | |||
| CVE-2024-46870 | medium | 4.7 | 4.7 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable DMCUB timeout for DCN35 [Why] DMCUB can intermittently take longer than expected to process commands. O… | |||
| CVE-2024-40905 | medium | 4.7 | 4.7 | 2y ago | Important: kernel security update | |||
| CVE-2024-26897 | medium | 4.7 | 4.7 | 2y ago | Important: kernel security update | |||
| CVE-2024-21516 | medium | 4.7 | 4.7 | 2y ago | Cross site scripting in opencart | |||
| CVE-2024-21515 | medium | 4.7 | 4.7 | 2y ago | Cross site scripting in opencart | |||
| CVE-2024-38662 | medium | 4.7 | 4.7 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Allow delete from sockmap/sockhash only if update is allowed We have seen an influx of syzkaller reports where a BPF program… | |||
| CVE-2024-27419 | medium | 4.7 | 4.7 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctl_net_busy_read We need to protect the reader reading the sysctl value because the value can b… | |||
| CVE-2024-33930 | medium | 4.7 | 4.7 | 2y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ILLID Share This Image.This issue affects Share This Image: from n/a through 1.97. | |||
| CVE-2024-33584 | medium | 4.7 | 4.7 | 2y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Deepen Bajracharya Video Conferencing with Zoom.This issue affects Video Conferencing with Zoom: from n/a through 4.4.4. | |||
| CVE-2024-32957 | medium | 4.7 | 4.7 | 2y ago | Missing Authorization vulnerability in Live Composer Team Page Builder: Live Composer.This issue affects Page Builder: Live Composer: from n/a through 1.5.38. | |||
| CVE-2024-26859 | medium | 4.7 | 4.7 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/bnx2x: Prevent access to a freed page in page_pool Fix race condition leading to system crash during EEH error handling Duri… | |||
| CVE-2024-32129 | medium | 4.7 | 4.7 | 2y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Freshworks Freshdesk (official).This issue affects Freshdesk (official): from n/a through 2.3.6. | |||
| CVE-2024-27953 | medium | 4.7 | 4.7 | 2y ago | Missing Authorization vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.6.8. | |||
| CVE-2024-24855 | medium | 4.7 | 4.7 | 2y ago | A race condition was found in the Linux kernel's scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic o… | |||
| CVE-2024-12915 | medium | 4.6 | 4.6 | 11mo ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Devinim Software Library Software allows Reflected XSS. This issue affects Library Softwa… | |||
| CVE-2024-1153 | medium | 4.6 | 4.6 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Le… | |||
| CVE-2024-42114 | medium | 4.4 | 4.4 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values syzbot is able to trigger softlockups, setting NL80211_ATTR_TXQ_QUANTUM … | |||
| CVE-2024-38862 | medium | 4.4 | 4.4 | 2y ago | Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p18, <2.2.0p35, <2.1.0p48 and <=2.0.0p39 (EOL) causes SNMP and IMPI secrets of host and folder properties to … | |||
| CVE-2024-38559 | medium | 4.4 | 4.4 | 2y ago | Moderate: kernel security update | |||
| CVE-2024-26810 | medium | 4.4 | 4.4 | 2y ago | Important: kernel security update | |||
| CVE-2024-33629 | medium | 4.4 | 4.4 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in Creative Motion Auto Featured Image (Auto Post Thumbnail).This issue affects Auto Featured Image (Auto Post Thumbnail): from n/a through 4.0.0. | |||
| CVE-2024-33627 | medium | 4.4 | 4.4 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in Cusmin Absolutely Glamorous Custom Admin.This issue affects Absolutely Glamorous Custom Admin: from n/a through 7.2.2. | |||
| CVE-2024-32454 | medium | 4.4 | 4.4 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in Wappointment Appointment Bookings for Zoom GoogleMeet and more – Wappointment.This issue affects Appointment Bookings for Zoom GoogleMeet and more … | |||
| CVE-2024-47273 | medium | 4.3 | 4.3 | 4d ago | An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated use… | |||
| CVE-2024-0391 | medium | 4.3 | 4.3 | 27d ago | The check user account lock states feature within the email OTP flow fails to validate user input, allowing an attacker to infer the existence of registered user accounts. The discovery of valid use… | |||
| CVE-2024-13071 | medium | 4.3 | 4.3 | 9mo ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft e-Mutabakat allows Cross-Site Scripting (XSS). This issue affects e-Mutabakat: f… | |||
| CVE-2024-13066 | medium | 4.3 | 4.3 | 9mo ago | Improper Restriction of Rendered UI Layers or Frames vulnerability in Akinsoft LimonDesk allows iFrame Overlay, CAPEC - 103 - Clickjacking. This issue affects LimonDesk: from s1.02.14 before v1.02.1… | |||
| CVE-2024-13064 | medium | 4.3 | 4.3 | 9mo ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft MyRezzta allows Cross-Site Scripting (XSS). This issue affects MyRezzta: from s2… | |||
| CVE-2024-12974 | medium | 4.3 | 4.3 | 9mo ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft ProKuaför allows Cross-Site Scripting (XSS). This issue affects ProKuaför: from … | |||
| CVE-2024-12972 | medium | 4.3 | 4.3 | 9mo ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akinsoft OctoCloud allows Cross-Site Scripting (XSS). This issue affects OctoCloud: from … | |||
| CVE-2024-12914 | medium | 4.3 | 4.3 | 9mo ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akınsoft QR Menü allows Cross-Site Scripting (XSS). This issue affects QR Menü: from s1.0… | |||
| CVE-2024-13873 | medium | 4.3 | 4.3 | 1y ago | The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.8 v… | |||
| CVE-2024-38732 | medium | 4.3 | 4.3 | 1y ago | Cross-Site Request Forgery (CSRF) vulnerability in VolThemes Patricia Blog allows Cross Site Request Forgery.This issue affects Patricia Blog: from n/a through 1.2. | |||
| CVE-2024-38731 | medium | 4.3 | 4.3 | 1y ago | Cross-Site Request Forgery (CSRF) vulnerability in Marsian i-amaze allows Cross Site Request Forgery.This issue affects i-amaze: from n/a through 1.3.7. | |||
| CVE-2024-37931 | medium | 4.3 | 4.3 | 1y ago | Cross-Site Request Forgery (CSRF) vulnerability in Creativthemes Point allows Cross Site Request Forgery.This issue affects Point: from n/a through 1.1. | |||
| CVE-2024-37452 | medium | 4.3 | 4.3 | 1y ago | Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop Schema Lite allows Cross Site Request Forgery.This issue affects Schema Lite: from n/a through 1.2.2. | |||
| CVE-2024-37241 | medium | 4.3 | 4.3 | 1y ago | Cross-Site Request Forgery (CSRF) vulnerability in Automattic WP Job Manager - Resume Manager allows Cross Site Request Forgery.This issue affects WP Job Manager - Resume Manager: from n/a through 2.… | |||
| CVE-2024-38764 | medium | 4.3 | 4.3 | 1y ago | Cross-Site Request Forgery (CSRF) vulnerability in Marsian allows Cross Site Request Forgery.This issue affects i-transform: from n/a through 3.0.9. | |||
| CVE-2024-56236 | medium | 4.3 | 4.3 | 1y ago | Missing Authorization vulnerability in Juni Hestia Nginx Cache hestia-nginx-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hestia Nginx Cache: from n… | |||
| CVE-2024-8429 | medium | 4.3 | 4.3 | 2y ago | Improper Restriction of Excessive Authentication Attempts vulnerability in Digital Operation Services WiFiBurada allows Use of Known Domain Credentials. This issue affects WiFiBurada: before 1.0.5. | |||
| CVE-2024-53785 | medium | 4.3 | 4.3 | 2y ago | Missing Authorization vulnerability in Alexander Volkov Chatter.This issue affects Chatter: from n/a through 1.0.1. | |||
| CVE-2024-49321 | medium | 4.3 | 4.3 | 2y ago | Missing Authorization vulnerability in colorlibplugins Simple Custom Post Order simple-custom-post-order allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sim… | |||
| CVE-2024-9143 | medium | 4.3 | 4.3 | 2y ago | Issue summary: Use of the low-level GF(2^m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes. Impact summary: Out of bound… | |||
| CVE-2024-8411 | medium | 4.3 | 4.3 | 2y ago | A vulnerability was determined in ABCD ABCD2 up to 2.2.0-beta-1. Impacted is an unknown function of the file /buscar_integrada.php. Executing a manipulation of the argument Sub_Expresion can lead to … | |||
| CVE-2024-43316 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Checkout Plugins Stripe Payments For WooCommerce by Checkout.This issue affects Stripe Payments For WooCommerce by Checkout: from n/a through 1.9.1. | |||
| CVE-2024-32784 | medium | 4.3 | 4.3 | 2y ago | Missing Authorization vulnerability in CookieHub.This issue affects CookieHub: from n/a through 1.1.0. | |||
| CVE-2024-34806 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Creative Motion Clearfy Cache.This issue affects Clearfy Cache: from n/a through 2.2.1. | |||
| CVE-2024-34827 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs, Razvan Mocanu, Madalin Ungureanu, Cristophor Hurduban TranslatePress.This issue affects TranslatePress: from n/a through 2.7.5. | |||
| CVE-2024-34825 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Warfare Plugins Social Warfare.This issue affects Social Warfare: from n/a through 4.4.5.1. | |||
| CVE-2024-34823 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter.This issue affects Arigato Autoresponder and Newsletter: from n/a through 2.7.2.3. | |||
| CVE-2024-34817 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for Pipedrive and Contact For… | |||
| CVE-2024-34439 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in divSpot DS Site Message.This issue affects DS Site Message: from n/a through 1.14.4. | |||
| CVE-2024-34427 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Huseyin Berberoglu WP Favorite Posts.This issue affects WP Favorite Posts: from n/a through 1.6.8. |