Vulnerabilities (CVE)

Total 304855 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-45246 2024-10-07 N/A 7.3 HIGH
Diebold Nixdorf – CWE-427: Uncontrolled Search Path Element
CVE-2024-44039 2024-10-07 N/A 5.9 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Travel allows Stored XSS.This issue affects WP Travel: from n/a through 9.3.1.
CVE-2024-45248 2024-10-07 N/A 7.5 HIGH
Multi-DNC – CWE-35: Path Traversal: '.../...//'
CVE-2024-47376 2024-10-07 N/A 5.9 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tribulant Slideshow Gallery allows Stored XSS.This issue affects Slideshow Gallery: from n/a through 1.8.3.
CVE-2024-45252 2024-10-07 N/A 9.8 CRITICAL
Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-47356 2024-10-07 N/A 5.1 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Catch Themes Create allows Stored XSS.This issue affects Create: from n/a through 2.9.1.
CVE-2024-47339 2024-10-07 N/A 7.1 HIGH
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in James Ward WP Mail Catcher allows Reflected XSS.This issue affects WP Mail Catcher: from n/a through 2.1.9.
CVE-2024-47371 2024-10-07 N/A 5.9 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Walter Pinem WP MyLinks allows Stored XSS.This issue affects WP MyLinks: from n/a through 1.0.6.
CVE-2024-47631 2024-10-07 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bPlugins LLC Logo Carousel – Clients logo carousel for WP allows Stored XSS.This issue affects Logo Carousel – Clients logo carousel for WP: from n/a through 1.2.
CVE-2024-47345 2024-10-07 N/A 5.9 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force Starter Templates allows Stored XSS.This issue affects Starter Templates: from n/a through 4.4.0.
CVE-2024-44037 2024-10-07 N/A 5.9 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MagePeople Team Multipurpose Ticket Booking Manager allows Stored XSS.This issue affects Multipurpose Ticket Booking Manager: from n/a through 4.2.2.
CVE-2024-44010 2024-10-07 N/A 5.1 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Catch Themes Full frame allows Stored XSS.This issue affects Full frame: from n/a through 2.7.2.
CVE-2024-47370 2024-10-07 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Paul Bearne Author Avatars List/Block allows Stored XSS.This issue affects Author Avatars List/Block: from n/a through 2.1.21.
CVE-2024-44027 2024-10-07 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TemeGUM Gum Elementor Addon allows Stored XSS.This issue affects Gum Elementor Addon: from n/a through 1.3.6.
CVE-2024-47381 2024-10-07 N/A 5.9 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Averta Depicter Slider allows Stored XSS.This issue affects Depicter Slider: from n/a through 3.2.2.
CVE-2024-47635 2024-10-07 N/A 5.4 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability in TinyPNG.This issue affects TinyPNG: from n/a through 3.4.3.
CVE-2024-47388 2024-10-07 N/A 7.1 HIGH
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SliceWP allows Reflected XSS.This issue affects SliceWP: from n/a through 1.1.18.
CVE-2024-47338 2024-10-07 N/A 7.6 HIGH
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPExpertsio WPExperts Square For GiveWP allows SQL Injection.This issue affects WPExperts Square For GiveWP: from n/a through 1.3.
CVE-2024-47382 2024-10-07 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webvitaly Page-list allows Stored XSS.This issue affects Page-list: from n/a through 5.6.
CVE-2024-47639 2024-10-07 N/A 6.5 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in VdoCipher allows Stored XSS.This issue affects VdoCipher: from n/a through 1.29.