VIR Vulnerability Intelligence Relay

CVEs from 2024

6,961 normalized CVEs published or assigned in this year.

Total
6,961
critical
critical 114
high
high 1,032
medium
medium 1,998
low
low 47
% Critical
1.6%
% with KEV
2.3%
% with exploit
2.8%

Top vendors

Top products

  • surveillance_station 12
  • checkmk 10
  • profilegrid 8
  • office 8
  • office_long_term_servicing_channel 6
  • glibc 5
  • virtual_traffic_manager 5
  • element_pack 5

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2024-31941 medium 5.4 5.4 2y ago Cross-Site Request Forgery (CSRF) vulnerability in CodePeople CP Media Player.This issue affects CP Media Player: from n/a through 1.1.3.
CVE-2024-32452 medium 5.4 5.4 2y ago Cross-Site Request Forgery (CSRF) vulnerability in WP EasyCart.This issue affects WP EasyCart: from n/a through 5.5.19.
CVE-2024-32449 medium 5.4 5.4 2y ago Cross-Site Request Forgery (CSRF) vulnerability in MagniGenie RestroPress.This issue affects RestroPress: from n/a through 3.1.2.
CVE-2024-32446 medium 5.4 5.4 2y ago Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet System for WooCommerce.This issue affects Wallet System for WooCommerce: from n/a through 2.5.9.
CVE-2024-32147 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Form Plugin Team - GhozyLab Easy Contact Form Lite allows Stored XSS.This issue affects Easy Cont…
CVE-2024-31279 medium 5.4 5.4 2y ago Cross-Site Request Forgery (CSRF) vulnerability in Catch Plugins Generate Child Theme.This issue affects Generate Child Theme: from n/a through 2.0.
CVE-2024-31263 medium 5.4 5.4 2y ago Cross-Site Request Forgery (CSRF) vulnerability in aerin Loan Repayment Calculator and Application Form.This issue affects Loan Repayment Calculator and Application Form: from n/a through 2.9.4.
CVE-2024-31262 medium 5.4 5.4 2y ago Cross-Site Request Forgery (CSRF) vulnerability in Jcodex WooCommerce Checkout Field Editor (Checkout Manager).This issue affects WooCommerce Checkout Field Editor (Checkout Manager): from n/a throug…
CVE-2024-31936 medium 5.4 5.4 2y ago Cross-Site Request Forgery (CSRF) vulnerability in AyeCode Ltd UsersWP.This issue affects UsersWP: from n/a before 1.2.6.
CVE-2024-27970 medium 5.4 5.4 2y ago Missing Authorization vulnerability in BogdanFix WP SendFox.This issue affects WP SendFox: from n/a through 1.3.0.
CVE-2024-25922 medium 5.4 5.4 2y ago Missing Authorization vulnerability in Peach Payments Peach Payments Gateway.This issue affects Peach Payments Gateway: from n/a through 3.1.9.
CVE-2024-25907 medium 5.4 5.4 2y ago Missing Authorization vulnerability in JoomUnited WP Media folder.This issue affects WP Media folder: from n/a through 5.7.2.
CVE-2024-31369 medium 5.4 5.4 2y ago Cross-Site Request Forgery (CSRF) vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2.
CVE-2024-31375 medium 5.4 5.4 2y ago Missing Authorization vulnerability in Saleswonder Team: Tobias WP2LEADS wp2leads.This issue affects WP2LEADS: from n/a through <= 3.2.7.
CVE-2024-31349 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch MailMunch – Grow your Email List allows Stored XSS.This issue affects MailMunch – Grow …
CVE-2024-31306 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Stored XSS.This issue affects Essential Blocks …
CVE-2024-31296 medium 5.4 5.4 2y ago Authorization Bypass Through User-Controlled Key vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.81.
CVE-2024-31236 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons allows Stored XSS.This issue affects Royal Elementor Addons: from…
CVE-2024-30530 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Stored XSS.This issue a…
CVE-2024-30524 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RedLettuce Plugins PDF Viewer for Elementor allows Stored XSS.This issue affects PDF Viewer for E…
CVE-2024-31120 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Stored XSS.This issue affects Responsive …
CVE-2024-31100 medium 5.4 5.4 2y ago Cross-Site Request Forgery (CSRF) vulnerability in Festi-Team Popup Cart Lite for WooCommerce.This issue affects Popup Cart Lite for WooCommerce: from n/a through 1.1.
CVE-2024-30442 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a thr…
CVE-2024-30453 medium 5.4 5.4 2y ago Server-Side Request Forgery (SSRF) vulnerability in Brave Brave Popup Builder.This issue affects Brave Popup Builder: from n/a through 0.6.5.
CVE-2024-30446 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks Forms allows Stored XSS.This issue affects CRM Perks Forms: from n/a through …
CVE-2024-30521 medium 5.4 5.4 2y ago Cross-Site Request Forgery (CSRF) vulnerability in Landingi Landingi Landing Pages.This issue affects Landingi Landing Pages: from n/a through 3.1.1.
CVE-2024-30429 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hans Matzen allows Stored XSS.This issue affects wp-forecast: from n/a through 9.2.
CVE-2024-30426 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HashThemes Hash Elements allows Stored XSS.This issue affects Hash Elements: from n/a through 1.3…
CVE-2024-30423 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BetterAddons Better Elementor Addons allows Stored XSS.This issue affects Better Elementor Addons…
CVE-2024-30520 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Labib Ahmed Carousel Anything For WPBakery Page Builder allows Stored XSS.This issue affects Caro…
CVE-2024-30519 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lordicon Lordicon Animated Icons allows Stored XSS.This issue affects Lordicon Animated Icons: fr…
CVE-2024-30483 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simple Sponsorships Sponsors allows Stored XSS.This issue affects Sponsors: from n/a through 3.5.…
CVE-2024-28003 medium 5.4 5.4 2y ago Missing Authorization vulnerability in Megamenu Max Mega Menu.This issue affects Max Mega Menu: from n/a through 3.3.
CVE-2024-23515 medium 5.4 5.4 2y ago Cross-Site Request Forgery (CSRF) vulnerability in Cincopa Post Video Players.This issue affects Post Video Players: from n/a through 1.159.
CVE-2024-29812 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ReviewX allows Stored XSS.This issue affects ReviewX: from n/a through 1.6.22.
CVE-2024-29811 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftLab Radio Player allows Stored XSS.This issue affects Radio Player: from n/a through 2.0.73.
CVE-2024-29807 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DearHive DearFlip allows Stored XSS.This issue affects DearFlip: from n/a through 2.2.26.
CVE-2024-29804 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Heateor Fancy Comments WordPress allows Stored XSS.This issue affects Fancy Comments WordPre…
CVE-2024-29796 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hot Themes Hot Random Image allows Stored XSS.This issue affects Hot Random Image: from n/a throu…
CVE-2024-29793 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch MailChimp Forms by MailMunch allows Stored XSS.This issue affects MailChimp Forms by Ma…
CVE-2024-30186 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BdThemes Prime Slider – Addons For Elementor allows Stored XSS.This issue affects Prime Slider – …
CVE-2024-30185 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BdThemes Element Pack Elementor Addons allows Stored XSS.This issue affects Element Pack Elemento…
CVE-2024-30179 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a thr…
CVE-2024-30177 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Exclusive Addons Exclusive Addons Elementor allows Stored XSS.This issue affects Exclusive Addons…
CVE-2024-29935 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SinaExtra Sina Extension for Elementor allows Stored XSS.This issue affects Sina Extension for El…
CVE-2024-29932 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Stored XSS.This issue affects …
CVE-2024-29927 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasTheme WishSuite allows Stored XSS.This issue affects WishSuite: from n/a through 1.3.7.
CVE-2024-29926 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes WC Builder allows Stored XSS.This issue affects WC Builder: from n/a through 1.0.18.
CVE-2024-29925 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWax Post Grid, Slider & Carousel Ultimate allows Stored XSS.This issue affects Post Grid, Slide…
CVE-2024-29920 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moveaddons Move Addons for Elementor allows Stored XSS.This issue affects Move Addons for Element…
CVE-2024-29918 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Survey Maker team Survey Maker allows Reflected XSS.This issue affects Survey Maker: from n/a thr…
CVE-2024-29913 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Tutor LMS Elementor Addons allows Stored XSS.This issue affects Tutor LMS Elementor Addon…
CVE-2024-29911 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for El…
CVE-2024-29906 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Stored XSS.This issue affects …
CVE-2024-25920 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP SMS allows Stored XSS.This issue affects WP SMS: from n/a through 6.3.4.
CVE-2024-30232 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Exclusive Addons Exclusive Addons Elementor allows Stored XSS.This issue affects Exclusive Addons…
CVE-2024-2888 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop Editor allows Stored XSS.This i…
CVE-2024-24840 medium 5.4 5.4 2y ago Missing Authorization vulnerability in BdThemes Element Pack Elementor Addons.This issue affects Element Pack Elementor Addons: from n/a through 5.4.11.
CVE-2024-27963 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crisp allows Stored XSS.This issue affects Crisp: from n/a through 0.44.
CVE-2024-27995 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile…
CVE-2024-29108 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leevio Happy Addons for Elementor allows Stored XSS.This issue affects Happy Addons for Elementor…
CVE-2024-29107 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPVibes Elementor Addon Elements allows Stored XSS.This issue affects Elementor Addon Elements: f…
CVE-2024-29106 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor allows Stored XSS.This issue affects Premium Addons for Eleme…
CVE-2024-29101 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jegtheme Jeg Elementor Kit allows Stored XSS.This issue affects Jeg Elementor Kit: from n/a throu…
CVE-2024-29115 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zaytech Smart Online Order for Clover allows Stored XSS.This issue affects Smart Online Order for…
CVE-2024-29114 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in W3 Eden, Inc. Download Manager allows Stored XSS.This issue affects Download Manager: from n/a th…
CVE-2024-29109 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jan-Peter Lambeck & 3UU Shariff Wrapper allows Stored XSS.This issue affects Shariff Wrapper: fro…
CVE-2024-25593 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Basix NEX-Forms – Ultimate Form Builder allows Stored XSS.This issue affects NEX-Forms – Ultimate…
CVE-2024-27189 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget allows Stored XSS.This issue affects WP Social Widget: from n/a thro…
CVE-2024-25934 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FormFacade allows Stored XSS.This issue affects FormFacade: from n/a through 1.0.0.
CVE-2024-25598 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for Elementor allows Stored XSS.This issue affects Livemesh Addons for E…
CVE-2024-27986 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Elementor Addons by Livemesh allows Stored XSS.This issue affects Elementor Addons by Li…
CVE-2024-25099 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David de Boer Paytium: Mollie payment forms & donations allows Stored XSS.This issue affects Payt…
CVE-2024-25097 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNcode LLC TNC PDF viewer allows Stored XSS.This issue affects TNC PDF viewer: from n/a throu…
CVE-2024-25594 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Savvy Wordpress Development MyWaze allows Stored XSS.This issue affects MyWaze: from n/a through …
CVE-2024-25098 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pascal Bajorat PB oEmbed HTML5 Audio – with Cache Support allows Stored XSS.This issue affects PB…
CVE-2024-25094 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paul Jura & Nicolas Montigny PJ News Ticker allows Stored XSS.This issue affects PJ News Ticker: …
CVE-2024-24705 medium 5.4 5.4 2y ago Cross-Site Request Forgery (CSRF) vulnerability in Octa Code Accessibility.This issue affects Accessibility: from n/a through 1.0.6.
CVE-2024-1706 medium 5.4 5.4 2y ago A vulnerability was determined in ZKTeco ZKBio Access IVS up to 3.3.2. This impacts an unknown function of the component Department Name Search Bar. This manipulation with the input <marquee>hi cause…
CVE-2024-25905 medium 5.4 5.4 2y ago Cross-Site Request Forgery (CSRF) vulnerability in Mondula GmbH Multi Step Form.This issue affects Multi Step Form: from n/a through 1.7.18.
CVE-2024-24931 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in swadeshswain Before After Image Slider WP allows Stored XSS.This issue affects Before After Image…
CVE-2024-24930 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes.Com Buttons Shortcode and Widget allows Stored XSS.This issue affects Buttons Shortcode…
CVE-2024-24928 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arunas Liuiza Content Cards allows Stored XSS.This issue affects Content Cards: from n/a through …
CVE-2024-23517 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Start Booking Scheduling Plugin – Online Booking for WordPress allows Stored XSS.This issue affec…
CVE-2024-23516 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Calculators World CC BMI Calculator allows Stored XSS.This issue affects CC BMI Calculator: from …
CVE-2024-23514 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ClickToTweet.Com Click To Tweet allows Stored XSS.This issue affects Click To Tweet: from n/a thr…
CVE-2024-24804 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in websoudan MW WP Form allows Stored XSS.This issue affects MW WP Form: from n/a through 5.0.6.
CVE-2024-24803 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPoperation Ultra Companion – Companion plugin for WPoperation Themes allows Stored XSS.This issu…
CVE-2024-24801 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LogicHunt OWL Carousel – WordPress Owl Carousel Slider allows Stored XSS.This issue affects OWL C…
CVE-2024-24713 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Auto Listings Auto Listings – Car Listings & Car Dealership Plugin for WordPress allows Stored…
CVE-2024-24712 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login WordPress allows Stored XSS.This issue affects Heateor Social L…
CVE-2024-24836 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Audrasjb GDPR Data Request Form allows Stored XSS.This issue affects GDPR Data Request Form: from…
CVE-2024-24885 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lê Văn Toản Woocommerce Vietnam Checkout allows Stored XSS.This issue affects Woocommerce Vietnam…
CVE-2024-24880 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apollo13Themes Apollo13 Framework Extensions allows Stored XSS.This issue affects Apollo13 Framew…
CVE-2024-24886 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Acowebs Product Labels For Woocommerce (Sale Badges) allows Stored XSS.This issue affects Product…
CVE-2024-24865 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noah Kagan Scroll Triggered Box allows Stored XSS.This issue affects Scroll Triggered Box: from n…
CVE-2024-24839 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gordon Böhme, Antonio Leutsch Structured Content (JSON-LD) #wpsc allows Stored XSS.This issue aff…
CVE-2024-24838 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Five Star Plugins Five Star Restaurant Reviews allows Stored XSS.This issue affects Five Star Res…
CVE-2024-24870 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Dempfle Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a th…
CVE-2024-22158 medium 5.4 5.4 2y ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles allows Store…