CVEs from 2024
Total
6,934
critical
critical 114
high
high 1,033
medium
medium 1,997
low
low 47
% Critical
1.6%
% with KEV
2.4%
% with exploit
3.2%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-29919 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Photo Gallery Team Photo Gallery by Ays allows Reflected XSS.This issue affects Photo Gallery by … | |||
| CVE-2024-30196 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Appscreo Easy Social Share Buttons allows Reflected XSS.This issue affects Easy Social Share Butt… | |||
| CVE-2024-30195 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Semenov New RoyalSlider allows Reflected XSS.This issue affects New RoyalSlider: from n/a through… | |||
| CVE-2024-29907 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Active Websight SEO Backlink Monitor allows Reflected XSS.This issue affects SEO Backlink Monitor… | |||
| CVE-2024-25926 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IndiaNIC Widgets Controller allows Reflected XSS.This issue affects Widgets Controller: from n/a … | |||
| CVE-2024-24800 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AdTribes.Io Product Feed PRO for WooCommerce allows Reflected XSS.This issue affects Product Feed… | |||
| CVE-2024-24700 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benjamin Rojas WP Editor allows Reflected XSS.This issue affects WP Editor: from n/a through 1.2.… | |||
| CVE-2024-22311 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N Squared Simply Schedule Appointments allows Reflected XSS.This issue affects Simply Schedule Ap… | |||
| CVE-2024-22300 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Icegram Email Subscribers & Newsletters allows Reflected XSS.This issue affects Email Subscribers… | |||
| CVE-2024-22299 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Foliovision: Making the web work for you FV Flowplayer Video Player allows Reflected XSS.This iss… | |||
| CVE-2024-22149 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oliver Seidel, Bastian Germann CformsII allows Stored XSS.This issue affects CformsII: from n/a t… | |||
| CVE-2024-29091 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dnesscarkey WP Armour – Honeypot Anti Spam allows Reflected XSS.This issue affects WP Armour – Ho… | |||
| CVE-2024-29103 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NinjaTeam Database for Contact Form 7 allows Stored XSS.This issue affects Database for Contact F… | |||
| CVE-2024-29126 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jose Mortellaro Specific Content For Mobile – Customize the mobile version without redirections a… | |||
| CVE-2024-29121 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firassaidi WooCommerce License Manager allows Reflected XSS.This issue affects WooCommerce Licens… | |||
| CVE-2024-29116 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IconicWP WooThumbs for WooCommerce by Iconic allows Reflected XSS.This issue affects WooThumbs fo… | |||
| CVE-2024-29110 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pauple Table & Contact Form 7 Database – Tablesome allows Reflected XSS.This issue affects Table … | |||
| CVE-2024-29142 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebberZone Better Search – Relevant search results for WordPress allows Stored XSS.This issue aff… | |||
| CVE-2024-29139 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mark Tilly MyCurator Content Curation allows Reflected XSS.This issue affects MyCurator Content C… | |||
| CVE-2024-27961 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codekraft AntiSpam for Contact Form 7 allows Reflected XSS.This issue affects AntiSpam for Contac… | |||
| CVE-2024-27197 | high | 7.1 | 7.1 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Bee BeePress allows Stored XSS.This issue affects BeePress: from n/a through 6.9.8. | |||
| CVE-2024-27192 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Reilly Configure SMTP allows Reflected XSS.This issue affects Configure SMTP: from n/a thro… | |||
| CVE-2024-25921 | high | 7.1 | 7.1 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Concerted Action Action Network allows Reflected XSS.This issue affects Action Network: from n/a … | |||
| CVE-2024-56672 | high | 7.0 | 7.0 | 7mo ago | In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix UAF in blkcg_unpin_online() blkcg_unpin_online() walks up the blkcg hierarchy putting the online pin. To walk up,… | |||
| CVE-2024-43882 | high | 7.0 | 7.0 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via do_filp_open(), permission checking is… | |||
| CVE-2024-53150 | medium | — | 7.0 | 1y ago | RHSA-2025:3894: kernel-rt security update (Moderate) | |||
| CVE-2024-50302 | medium | 5.5 | 7.0 | 1y ago | RHSA-2025:2474: kernel-rt security update (Important) | |||
| CVE-2024-39503 | high | 7.0 | 7.0 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-26872 | high | 7.0 | 7.0 | 2y ago | RHSA-2024:3627: kernel-rt security and bug fix update (Moderate) | |||
| CVE-2024-49903 | high | 7.0 | 7.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uaf in dbFreeBits [syzbot reported] ================================================================== BUG: KASAN: slab-… | |||
| CVE-2024-47747 | high | 7.0 | 7.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition In the ether3_probe function, a timer is initi… | |||
| CVE-2024-36899 | high | 7.0 | 7.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfo_changed_notify The use-after-free issue occurs as follows: when the GPIO chip devic… | |||
| CVE-2024-27020 | high | 7.0 | 7.0 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2024-27397 | high | 7.0 | 7.0 | 2y ago | RHSA-2024:4352: kernel-rt security and bug fix update (Important) | |||
| CVE-2024-26974 | high | 7.0 | 7.0 | 2y ago | RHSA-2024:4352: kernel-rt security and bug fix update (Important) | |||
| CVE-2024-34027 | high | 7.0 | 7.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock It needs to cover {reserve,release}_compress_bl… | |||
| CVE-2024-11399 | medium | 6.8 | 6.8 | 4d ago | Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks… | |||
| CVE-2024-12086 | medium | 6.8 | 6.8 | 12d ago | Important: rsync security update | |||
| CVE-2024-57256 | medium | 6.8 | 6.8 | 1y ago | An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resultin… | |||
| CVE-2024-24857 | medium | 6.8 | 6.8 | 2y ago | RHSA-2024:8870: kernel-rt security update (Moderate) | |||
| CVE-2024-35976 | medium | 6.7 | 6.7 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING syzbot reported an illegal copy in xsk_setsockopt() [1] Make sure t… | |||
| CVE-2024-0193 | medium | 6.7 | 6.7 | 2y ago | A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This… | |||
| CVE-2024-47692 | medium | 6.5 | 6.5 | 1y ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: return -EINVAL when namelen is 0 When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen be… | |||
| CVE-2024-54313 | medium | 6.5 | 6.5 | 2y ago | Path Traversal vulnerability in FULL. FULL Customer allows Path Traversal.This issue affects FULL Customer: from n/a through 3.1.25. | |||
| CVE-2024-54259 | medium | 6.5 | 6.5 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in DELUCKS DELUCKS SEO delucks-seo allows Path Traversal.This issue affects DELUCKS SEO: from n/a through … | |||
| CVE-2024-54241 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in Appsbd Elite Notification – Sales Popup, Social Proof, FOMO & WooCommerce Notification allows Exploiting Incorrectly Configured Access Control Security Levels.T… | |||
| CVE-2024-54247 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ABCBiz ABCBiz Addons and Templates for Elementor allows Stored XSS.This issue affects ABCBiz Addo… | |||
| CVE-2024-53745 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 코스모스팜 – Cosmosfarm 소셜 공유 버튼 By 코스모스팜 cosmosfarm-share-buttons allows Stored XSS.This issue affect… | |||
| CVE-2024-53763 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rejuan Ahamed Best Addons for Elementor allows Stored XSS.This issue affects Best Addons for Elem… | |||
| CVE-2024-10270 | medium | 6.5 | 6.5 | 2y ago | org.keycloak:keycloak-services has Inefficient Regular Expression Complexity | |||
| CVE-2024-51901 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wojciechborowicz Smooth Maps colour-smooth-maps allows Stored XSS.This issue affects Smooth Maps:… | |||
| CVE-2024-51808 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pat O’Brien codeSnips codesnips allows Stored XSS.This issue affects codeSnips: from n/a through … | |||
| CVE-2024-51802 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bread & Butter Bread & Butter bread-butter allows DOM-Based XSS.This issue affects Bread & Butter… | |||
| CVE-2024-11193 | medium | 6.5 | 6.5 | 2y ago | An information disclosure vulnerability exists in Yugabyte Anywhere, where the LDAP bind password is logged in plaintext within application logs. This flaw results in the unintentional exposure of se… | |||
| CVE-2024-50465 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP SEO – Calin Vingan Premium SEO Pack allows SQL Injection.This issue affects Premium SEO Pack: … | |||
| CVE-2024-49280 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Weblizar - WordPress Themes & Plugin Lightbox slider – Responsive Lightbox Gallery simple-lightbo… | |||
| CVE-2024-49262 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wepic Country Flags for Elementor allows Stored XSS.This issue affects Country Flags for E… | |||
| CVE-2024-49289 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gora Tech LLC Cooked Pro allows Stored XSS.This issue affects Cooked Pro: from n/a before … | |||
| CVE-2024-48022 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SysBasics Shortcode For Elementor Templates allows Stored XSS.This issue affects Shortcode… | |||
| CVE-2024-21262 | medium | 6.5 | 6.5 | 2y ago | Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 9.0.0 and prior. Easily exploitable vulnerability allows unauthent… | |||
| CVE-2024-29510 | medium | — | 6.5 | 2y ago | Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device. | |||
| CVE-2024-8165 | medium | 6.5 | 6.5 | 2y ago | A vulnerability was identified in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. This vulnerability affects the function exportZip of the file /admin/file_manager/export. Such manipulati… | |||
| CVE-2024-39655 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LiquidPoll LiquidPoll – Advanced Polls for Creators and Brands.This issue affects LiquidPo… | |||
| CVE-2024-33568 | medium | 6.5 | 6.5 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Deserialization of Untrusted Data vulnerability in BdThemes Element Pack Pro allows Path Traversal, Object Injection.Th… | |||
| CVE-2024-34567 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in GhozyLab, Inc. Popup Builder allows Stored XSS.This issue affects Popup Builder: from n/a … | |||
| CVE-2024-32800 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Felix Moira Popup More Popups allows Stored XSS.This issue affects Popup More Popups: from… | |||
| CVE-2024-34760 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPBlockart Magazine Blocks allows Stored XSS.This issue affects Magazine Blocks: from n/a … | |||
| CVE-2024-34441 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bootstrapped Ventures Easy Affiliate Links allows Stored XSS.This issue affects Easy Affiliate Li… | |||
| CVE-2024-34421 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsurface BlogLentor allows Stored XSS.This issue affects BlogLentor: from n/a through 1.0.8. | |||
| CVE-2024-34415 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress Thim Elementor Kit allows Stored XSS.This issue affects Thim Elementor Kit: from n/a th… | |||
| CVE-2024-33955 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme Freesia Freesia Empire allows Stored XSS.This issue affects Freesia Empire: from n/a throug… | |||
| CVE-2024-33954 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atanas Yonkov Pliska allows Stored XSS.This issue affects Pliska: from n/a through 0.3.5. | |||
| CVE-2024-33953 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt van Andel Adventure Journal allows Stored XSS.This issue affects Adventure Journal: from n/a… | |||
| CVE-2024-33952 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Tadlock Unique allows Stored XSS.This issue affects Unique: from n/a through 0.3.0. | |||
| CVE-2024-33951 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adam DeHaven Perfect Pullquotes allows Stored XSS.This issue affects Perfect Pullquotes: from n/a… | |||
| CVE-2024-33938 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in codename065 Sliding Widgets allows Cross-Site Scripting (XSS).This issue affects Sliding Widgets: from n/a through 1.5.0. | |||
| CVE-2024-32776 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in AppPresser Team AppPresser.This issue affects AppPresser: from n/a through 4.3.0. | |||
| CVE-2024-32717 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in WPDeveloper SchedulePress.This issue affects SchedulePress: from n/a through 5.0.8. | |||
| CVE-2024-34548 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themesgrove WidgetKit allows Stored XSS.This issue affects WidgetKit: from n/a through 2.4.8. | |||
| CVE-2024-34414 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nobita allows Stored XSS.This issue affects raindrops: from n/a through 1.600. | |||
| CVE-2024-34564 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LogicHunt Inc. Counter Up allows Stored XSS.This issue affects Counter Up: from n/a through 2.2.1. | |||
| CVE-2024-34563 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoldAddons Gold Addons for Elementor allows Stored XSS.This issue affects Gold Addons for Element… | |||
| CVE-2024-34572 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemePrix Fancy Elementor Flipbox fancy-elementor-flipbox allows Stored XSS.This issue affects Fa… | |||
| CVE-2024-34571 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGrill Himalayas allows Stored XSS.This issue affects Himalayas: from n/a through 1.3.0. | |||
| CVE-2024-34573 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pootlepress Pootle Pagebuilder – WordPress Page builder allows Stored XSS.This issue affects Poot… | |||
| CVE-2024-33576 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in Ollybach WPPizza.This issue affects WPPizza: from n/a through 3.18.10. | |||
| CVE-2024-34390 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AddonMaster Post Grid Master allows Stored XSS.This issue affects Post Grid Master: from n/a thro… | |||
| CVE-2024-34380 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuantumCloud Conversational Forms for ChatBot allows Stored XSS.This issue affects Conversational… | |||
| CVE-2024-34376 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme Freesia Edge allows Stored XSS.This issue affects Edge: from n/a through 2.0.9. | |||
| CVE-2024-33931 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in ilGhera JW Player for WordPress.This issue affects JW Player for WordPress: from n/a through 2.3.3. | |||
| CVE-2024-33919 | medium | 6.5 | 6.5 | 2y ago | Missing Authorization vulnerability in Rometheme RomethemeKit For Elementor.This issue affects RomethemeKit For Elementor: from n/a through 1.4.1. | |||
| CVE-2024-33927 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team GIPHY Giphypress allows Stored XSS.This issue affects Giphypress: from n/a through 1.6.2. | |||
| CVE-2024-33926 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Karl Kiesinger GWP-Histats allows Stored XSS.This issue affects GWP-Histats: from n/a through 1.0. | |||
| CVE-2024-33916 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MachoThemes CPO Companion allows Stored XSS.This issue affects CPO Companion: from n/a through 1.… | |||
| CVE-2024-33945 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in solverwp.Com Eleblog – Elementor Blog And Magazine Addons allows Stored XSS.This issue affects El… | |||
| CVE-2024-33936 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Twinpictures Print-O-Matic allows Stored XSS.This issue affects Print-O-Matic: from n/a through 2… | |||
| CVE-2024-33935 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pascal Bajorat PB MailCrypt allows Stored XSS.This issue affects PB MailCrypt: from n/a through 3… | |||
| CVE-2024-33934 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kailey Lampert Mini Loops allows Stored XSS.This issue affects Mini Loops: from n/a through 1.4.1. | |||
| CVE-2024-33932 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vinod Dalvi Login Logout Register Menu allows Stored XSS.This issue affects Login Logout Register… | |||
| CVE-2024-33949 | medium | 6.5 | 6.5 | 2y ago | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vark Min and Max Purchase for WooCommerce allows Stored XSS.This issue affects Min and Max Purcha… |