Total
307073 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-51913 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mapme Mapme allows Stored XSS.This issue affects Mapme: from n/a through 1.3.2. | |||||
| CVE-2024-52395 | 2024-11-19 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in QunatumCloud Floating Buttons for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Floating Buttons for WooCommerce: from n/a through 2.8.8. | |||||
| CVE-2024-51871 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Luzuk Luzuk Team allows Stored XSS.This issue affects Luzuk Team: from n/a through 0.1.0. | |||||
| CVE-2024-51885 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takashi Matsuyama Browsing History allows Stored XSS.This issue affects Browsing History: from n/a through 1.3.1. | |||||
| CVE-2024-51869 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Best WP Developer Gutenium Blocks allows Stored XSS.This issue affects Gutenium Blocks: from n/a through 1.1.5. | |||||
| CVE-2024-51901 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wojciech Borowicz Smooth Maps allows Stored XSS.This issue affects Smooth Maps: from n/a through 1.1. | |||||
| CVE-2024-52600 | 2024-11-19 | N/A | 5.3 MEDIUM | ||
| Statmatic is a Laravel and Git powered content management system (CMS). Prior to version 5.17.0, assets uploaded with appropriately crafted filenames may result in them being placed in a location different than what was configured. The issue affects front-end forms with `assets` fields and other places where assets can be uploaded, although users would need upload permissions anyway. Files can be uploaded so they would be located on the server in a different location, and potentially override existing files. Traversal outside an asset container is not possible. This path traversal vulnerability has been fixed in 5.17.0. | |||||
| CVE-2024-51884 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takashi Matsuyama Posts Search allows Stored XSS.This issue affects Posts Search: from n/a through 1.2.2. | |||||
| CVE-2024-51861 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in duogeek EventPress allows Stored XSS.This issue affects EventPress: from n/a through 1.0.0. | |||||
| CVE-2024-51872 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Luzuk Luzuk Testimonials allows Stored XSS.This issue affects Luzuk Testimonials: from n/a through 0.0.1. | |||||
| CVE-2024-51907 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codemenschen WP Virtual Room Configurator allows Stored XSS.This issue affects WP Virtual Room Configurator: from n/a through 1.0.0. | |||||
| CVE-2024-51910 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mauro Cordioli Assist24 Help Desk allows DOM-Based XSS.This issue affects Assist24 Help Desk: from n/a through 20150401.2. | |||||
| CVE-2024-51836 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Teconce Wezido allows DOM-Based XSS.This issue affects Wezido: from n/a through 1.2. | |||||
| CVE-2024-51856 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Moose Moose Elementor Kit allows DOM-Based XSS.This issue affects Moose Elementor Kit: from n/a through 1.0.0. | |||||
| CVE-2024-51903 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in imFORZA WP Listings Pro allows Stored XSS.This issue affects WP Listings Pro: from n/a through 3.0.14. | |||||
| CVE-2024-51936 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Henry ESB Testimonials allows Stored XSS.This issue affects ESB Testimonials: from n/a through 1.0.0. | |||||
| CVE-2024-51847 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in giovanebribeiro WP PagSeguro Payments allows Stored XSS.This issue affects WP PagSeguro Payments: from n/a through 1.0. | |||||
| CVE-2024-52420 | 2024-11-19 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Creative Motion Disable Admin Notices individually allows Cross Site Request Forgery.This issue affects Disable Admin Notices individually: from n/a through 1.3.5. | |||||
| CVE-2024-51909 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Monarkie Digital Content Solutions audioCase allows DOM-Based XSS.This issue affects audioCase: from n/a through 1.2.1. | |||||
| CVE-2024-51844 | 2024-11-19 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kiran Patil Location Click Map allows Stored XSS.This issue affects Location Click Map: from n/a through 1.0. | |||||