Total
35377 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-50522 | 2024-11-19 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Redy Ru WeChat Subscribers Lite allows Reflected XSS.This issue affects WeChat Subscribers Lite : from n/a through 1.6.6. | |||||
| CVE-2024-51811 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hussam Hussien Popup Image allows Stored XSS.This issue affects Popup Image: from n/a through 1.0.1. | |||||
| CVE-2024-51053 | 2024-11-19 | N/A | 9.8 CRITICAL | ||
| An arbitrary file upload vulnerability in the component /main/fileupload.php of AVSCMS v8.2.0 allows attackers to execute arbitrary code via uploading a crafted file. | |||||
| CVE-2024-50536 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Intuitive Design GDReseller allows DOM-Based XSS.This issue affects GDReseller: from n/a through 1.6. | |||||
| CVE-2024-50513 | 2024-11-19 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Post Grid Team by WPXPO PostX allows Stored XSS.This issue affects PostX: from n/a through 4.1.15. | |||||
| CVE-2024-50549 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bonway Services Bonway Static Block Editor allows DOM-Based XSS.This issue affects Bonway Static Block Editor: from n/a through 1.1.0. | |||||
| CVE-2024-50541 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Enea Overclokk Advanced Control Manager for WordPress by ItalyStrap allows Stored XSS.This issue affects Advanced Control Manager for WordPress by ItalyStrap: from n/a through 2.16.0. | |||||
| CVE-2024-51801 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jake Brown Brand my Footer allows DOM-Based XSS.This issue affects Brand my Footer: from n/a through 1.1. | |||||
| CVE-2024-50516 | 2024-11-19 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adam Skaat Countdown & Clock allows Stored XSS.This issue affects Countdown & Clock: from n/a through 2.8.0.9. | |||||
| CVE-2024-51798 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Surbma Surbma | Font Awesome allows DOM-Based XSS.This issue affects Surbma | Font Awesome: from n/a through 3.0. | |||||
| CVE-2024-51808 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pat O’Brien codeSnips allows Stored XSS.This issue affects codeSnips: from n/a through 1.2. | |||||
| CVE-2024-52345 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Roberto Alicata ra_qrcode allows Stored XSS.This issue affects ra_qrcode: from n/a through 2.1.0. | |||||
| CVE-2024-51810 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in George Lewe Lewe Bootstrap Visuals allows Stored XSS.This issue affects Lewe Bootstrap Visuals: from n/a through 2.2.2. | |||||
| CVE-2024-50535 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle M. Brown Step by Step allows Stored XSS.This issue affects Step by Step: from n/a through 0.4.5. | |||||
| CVE-2024-51812 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasim Pro Addons For Elementor allows Stored XSS.This issue affects Pro Addons For Elementor: from n/a through 1.5.0. | |||||
| CVE-2024-52341 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Offshorent Solutions Pvt Ltd. | Jinesh.P.V OS Our Team allows Stored XSS.This issue affects OS Our Team: from n/a through 1.7. | |||||
| CVE-2024-51833 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noman Akhtar Easy Social Sharebar allows Stored XSS.This issue affects Easy Social Sharebar: from n/a through 1.0.0. | |||||
| CVE-2024-50545 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Auburnforest DataMentor allows DOM-Based XSS.This issue affects DataMentor: from n/a through 1.7. | |||||
| CVE-2024-11198 | 2024-11-19 | N/A | 6.4 MEDIUM | ||
| The GD Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘extra_class’ parameter in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |||||
| CVE-2024-51796 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPManageNinja Trendy Restaurant Menu allows DOM-Based XSS.This issue affects Trendy Restaurant Menu: from n/a through 1.0.0. | |||||