CVEs from 2024
Total
6,678
critical
critical 124
high
high 1,047
medium
medium 2,013
low
low 48
% Critical
1.9%
% with KEV
2.4%
% with exploit
3.3%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- glibc 5
- virtual_traffic_manager 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-32104 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.18.1. | |||
| CVE-2024-32102 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Scott Kingsley Clark Crony Cronjob Manager.This issue affects Crony Cronjob Manager: from n/a through 0.5.0. | |||
| CVE-2024-32099 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in James Ward WP Mail Catcher.This issue affects WP Mail Catcher: from n/a through 2.1.6. | |||
| CVE-2024-32095 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in MultiParcels MultiParcels Shipping For WooCommerce.This issue affects MultiParcels Shipping For WooCommerce: from n/a before 1.16.9. | |||
| CVE-2024-32094 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in ChurchThemes Church Content – Sermons, Events and More.This issue affects Church Content – Sermons, Events and More: from n/a through 2.6. | |||
| CVE-2024-32089 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Digital Publications by Supsystic.This issue affects Digital Publications by Supsystic: from n/a through 1.7.7. | |||
| CVE-2024-32088 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd.This issue affects Coming Soon Page, Under Construction & Maintenance M… | |||
| CVE-2024-32084 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Gold Plugins Before And After.This issue affects Before And After: from n/a through 3.9. | |||
| CVE-2024-32451 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in wpWax Legal Pages.This issue affects Legal Pages: from n/a through 1.4.2. | |||
| CVE-2024-32450 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team WpTravelly.This issue affects WpTravelly: from n/a through 1.6.0. | |||
| CVE-2024-32448 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in VideoYield.Com Ads.Txt Admin.This issue affects Ads.Txt Admin: from n/a through 1.3. | |||
| CVE-2024-32447 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1. | |||
| CVE-2024-31364 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts.This issue affects ELEX WooCommerce Dynamic Pricing and Discounts: from n/a through 2.1.… | |||
| CVE-2024-31360 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Coded Commerce, LLC Benchmark Email Lite.This issue affects Benchmark Email Lite: from n/a through 4.1. | |||
| CVE-2024-31354 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8. | |||
| CVE-2024-31305 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in rtCamp Transcoder.This issue affects Transcoder: from n/a through 1.3.5. | |||
| CVE-2024-31289 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Elementor Hello Elementor.This issue affects Hello Elementor: from n/a through 3.0.0. | |||
| CVE-2024-31271 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Ultimate Maps by Supsystic.This issue affects Ultimate Maps by Supsystic: from n/a through 1.2.16. | |||
| CVE-2024-31251 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in PeepSo Community by PeepSo.This issue affects Community by PeepSo: from n/a through 6.3.1.1. | |||
| CVE-2024-31250 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Saumya Majumder WP Server Health Stats.This issue affects WP Server Health Stats: from n/a through 1.7.3. | |||
| CVE-2024-31239 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Nudgify Nudgify Social Proof, Sales Popup & FOMO.This issue affects Nudgify Social Proof, Sales Popup & FOMO: from n/a through 1.3.3. | |||
| CVE-2024-31235 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a through 2.3.5. | |||
| CVE-2024-31372 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Arnan de Gans No-Bot Registration.This issue affects No-Bot Registration: from n/a through 1.9.1. | |||
| CVE-2024-31371 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Xylus Themes WP Event Aggregator.This issue affects WP Event Aggregator: from n/a through 1.7.6. | |||
| CVE-2024-32105 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts.This issue affects ELEX WooCommerce Dynamic Pricing and Discounts: from n/a through 2.1.… | |||
| CVE-2024-32109 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Julien Berthelot / MPEmbed.Com WP Matterport Shortcode allows Cross Site Request Forgery.This issue affects WP Matterport Shortcode: from n/a throug… | |||
| CVE-2024-32108 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Stephanie Leary Convert Post Types.This issue affects Convert Post Types: from n/a through 1.4. | |||
| CVE-2024-32107 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in XLPlugins Finale Lite.This issue affects Finale Lite: from n/a through 2.18.0. | |||
| CVE-2024-31935 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in BracketSpace Simple Post Notes.This issue affects Simple Post Notes: from n/a through 1.7.6. | |||
| CVE-2024-31934 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Link Whisper Link Whisper Free.This issue affects Link Whisper Free: from n/a through 0.6.9. | |||
| CVE-2024-32112 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Leadinfo leadinfo. The patch was released under the same version which was reported as vulnerable. We consider the current version as vulnerable.Thi… | |||
| CVE-2024-25908 | medium | 4.3 | 4.3 | 2y ago | Missing Authorization vulnerability in JoomUnited WP Media folder.This issue affects WP Media folder: from n/a through 5.7.2. | |||
| CVE-2024-24883 | medium | 4.3 | 4.3 | 2y ago | Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.11.10. | |||
| CVE-2024-31939 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Soflyy Import any XML or CSV File to WordPress.This issue affects Import any XML or CSV File to WordPress: from n/a through 3.7.3. | |||
| CVE-2024-31386 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Hidekazu Ishikawa X-T9, Hidekazu Ishikawa Lightning, themeinwp Default Mag, Out the Box Namaha, Out the Box CityLogic, Marsian i-max, Jetmonsters Em… | |||
| CVE-2024-31944 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Octolize WooCommerce UPS Shipping – Live Rates and Access Points.This issue affects WooCommerce UPS Shipping – Live Rates and Access Points: from n/… | |||
| CVE-2024-31943 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Octolize USPS Shipping for WooCommerce – Live Rates.This issue affects USPS Shipping for WooCommerce – Live Rates: from n/a through 1.9.2. | |||
| CVE-2024-22155 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 8.5.2. | |||
| CVE-2024-29225 | medium | 4.3 | 4.3 | 2y ago | ELECOM wireless LAN routers allow a network-adjacent unauthenticated attacker to obtain the configuration file containing sensitive information by sending a specially crafted request. | |||
| CVE-2024-31096 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in kopatheme Nictitate.This issue affects Nictitate: from n/a through 1.1.4. | |||
| CVE-2024-30541 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Optimize.This issue affects LWS Optimize: from n/a through 1.9.1. | |||
| CVE-2024-30536 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Slugs Manager.This issue affects Slugs Manager: from n/a through 2.6.7. | |||
| CVE-2024-30526 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Easy Social Feed.This issue affects Easy Social Feed: from n/a through 6.5.6. | |||
| CVE-2024-30468 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in All In One WP Security & Firewall Team All In One WP Security & Firewall.This issue affects All In One WP Security & Firewall: from n/a through 5.2.… | |||
| CVE-2024-30460 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Tumult Inc Tumult Hype Animations.This issue affects Tumult Hype Animations: from n/a through 1.9.11. | |||
| CVE-2024-30455 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in GamiPress.This issue affects GamiPress: from n/a through 6.8.5. | |||
| CVE-2024-30518 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0. | |||
| CVE-2024-30492 | medium | 4.3 | 4.3 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WebToffee Import Export WordPress Users.This issue affects Import Export WordPress Users: from n/a thro… | |||
| CVE-2024-30421 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Pixelite Events Manager.This issue affects Events Manager: from n/a through 6.4.7.1. | |||
| CVE-2024-28004 | medium | 4.3 | 4.3 | 2y ago | Missing Authorization vulnerability in ExtendThemes Colibri Page Builder.This issue affects Colibri Page Builder: from n/a through 1.0.248. | |||
| CVE-2024-2951 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.3.0.0. | |||
| CVE-2024-24719 | medium | 4.3 | 4.3 | 2y ago | Missing Authorization vulnerability in Uriahs Victor Location Picker at Checkout for WooCommerce.This issue affects Location Picker at Checkout for WooCommerce: from n/a through 1.8.9. | |||
| CVE-2024-24711 | medium | 4.3 | 4.3 | 2y ago | Missing Authorization vulnerability in weDevs WooCommerce Conversion Tracking.This issue affects WooCommerce Conversion Tracking: from n/a through 2.0.11. | |||
| CVE-2024-23520 | medium | 4.3 | 4.3 | 2y ago | Missing Authorization vulnerability in AccessAlly PopupAlly.This issue affects PopupAlly: from n/a through 2.1.0. | |||
| CVE-2024-24708 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in W3speedster W3SPEEDSTER.This issue affects W3SPEEDSTER: from n/a through 7.19. | |||
| CVE-2024-24837 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Frédéric GILLES FG PrestaShop to WooCommerce, Frédéric GILLES FG Drupal to WordPress, Frédéric GILLES FG Joomla to WordPress.This issue affects FG P… | |||
| CVE-2024-24706 | medium | 4.3 | 4.3 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Forum One WP-CFM wp-cfm.This issue affects WP-CFM: from n/a through 1.7.8. | |||
| CVE-2024-56275 | medium | 4.1 | 4.1 | 1y ago | Server-Side Request Forgery (SSRF) vulnerability in Envato Envato Elements allows Server Side Request Forgery.This issue affects Envato Elements: from n/a through 2.0.14. | |||
| CVE-2024-32078 | medium | 4.1 | 4.1 | 2y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Foliovision FV Flowplayer Video Player.This issue affects FV Flowplayer Video Player: from n/a through 7.5.44.7212. | |||
| CVE-2024-2097 | medium | — | — | 2y ago | RHSA-2024:1141: mysql security update (Moderate) |