Lucene search

K

Ivory Search – WordPress Search Plugin Security Vulnerabilities

nvd
nvd

CVE-2024-35760

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through...

4.8CVSS

0.0004EPSS

2024-06-21 01:15 PM
2
cve
cve

CVE-2024-35759

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through...

5.9CVSS

5.7AI Score

0.0004EPSS

2024-06-21 01:15 PM
16
cvelist
cvelist

CVE-2024-35770 WordPress Vimeography plugin <= 2.4.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Dave Kiss Vimeography: Vimeo Video Gallery WordPress Plugin.This issue affects Vimeography: Vimeo Video Gallery WordPress Plugin: from n/a through...

4.3CVSS

0.001EPSS

2024-06-21 01:10 PM
4
vulnrichment
vulnrichment

CVE-2024-35770 WordPress Vimeography plugin <= 2.4.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Dave Kiss Vimeography: Vimeo Video Gallery WordPress Plugin.This issue affects Vimeography: Vimeo Video Gallery WordPress Plugin: from n/a through...

4.3CVSS

7AI Score

0.001EPSS

2024-06-21 01:10 PM
cvelist
cvelist

CVE-2024-35771 WordPress Customizr theme <= 4.4.21 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Customizr.This issue affects Customizr: from n/a through...

4.3CVSS

0.001EPSS

2024-06-21 01:08 PM
4
cvelist
cvelist

CVE-2024-35772 WordPress Hueman theme <= 3.7.24 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Hueman.This issue affects Hueman: from n/a through...

4.3CVSS

0.001EPSS

2024-06-21 01:06 PM
3
vulnrichment
vulnrichment

CVE-2024-35772 WordPress Hueman theme <= 3.7.24 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Hueman.This issue affects Hueman: from n/a through...

4.3CVSS

7AI Score

0.001EPSS

2024-06-21 01:06 PM
vulnrichment
vulnrichment

CVE-2024-35776 WordPress phpinfo() WP plugin <= 5.0 - Unauthenticated Data Exposure vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exeebit phpinfo() WP.This issue affects phpinfo() WP: from n/a through...

5.3CVSS

6.9AI Score

0.001EPSS

2024-06-21 01:05 PM
1
cvelist
cvelist

CVE-2024-35776 WordPress phpinfo() WP plugin <= 5.0 - Unauthenticated Data Exposure vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exeebit phpinfo() WP.This issue affects phpinfo() WP: from n/a through...

5.3CVSS

0.001EPSS

2024-06-21 01:05 PM
4
vulnrichment
vulnrichment

CVE-2024-5059 WordPress Event Monster Plugin <= 1.4.0 - Sensitive Data Exposure vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Event Management Tickets Booking.This issue affects Event Management Tickets Booking: from n/a through...

5.3CVSS

6.9AI Score

0.001EPSS

2024-06-21 01:03 PM
1
cvelist
cvelist

CVE-2024-5059 WordPress Event Monster Plugin <= 1.4.0 - Sensitive Data Exposure vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Event Management Tickets Booking.This issue affects Event Management Tickets Booking: from n/a through...

5.3CVSS

0.001EPSS

2024-06-21 01:03 PM
4
cvelist
cvelist

CVE-2024-35757 WordPress Easy Age Verify plugin <= 1.8.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in 5 Star Plugins Easy Age Verify allows Stored XSS.This issue affects Easy Age Verify: from n/a through...

5.9CVSS

0.0004EPSS

2024-06-21 12:43 PM
vulnrichment
vulnrichment

CVE-2024-35757 WordPress Easy Age Verify plugin <= 1.8.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in 5 Star Plugins Easy Age Verify allows Stored XSS.This issue affects Easy Age Verify: from n/a through...

5.9CVSS

6.8AI Score

0.0004EPSS

2024-06-21 12:43 PM
cvelist
cvelist

CVE-2024-35758 WordPress Interface theme <= 3.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Horse Interface allows Stored XSS.This issue affects Interface: from n/a through...

6.5CVSS

0.0004EPSS

2024-06-21 12:42 PM
3
vulnrichment
vulnrichment

CVE-2024-35758 WordPress Interface theme <= 3.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Horse Interface allows Stored XSS.This issue affects Interface: from n/a through...

6.5CVSS

6.8AI Score

0.0004EPSS

2024-06-21 12:42 PM
1
cvelist
cvelist

CVE-2024-35759 WordPress WP Job Portal plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through...

5.9CVSS

0.0004EPSS

2024-06-21 12:41 PM
1
vulnrichment
vulnrichment

CVE-2024-35759 WordPress WP Job Portal plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through...

5.9CVSS

6.8AI Score

0.0004EPSS

2024-06-21 12:41 PM
cvelist
cvelist

CVE-2024-35760 WordPress WP Job Portal – A Complete Job Board plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through...

5.9CVSS

0.0004EPSS

2024-06-21 12:40 PM
3
vulnrichment
vulnrichment

CVE-2024-35760 WordPress WP Job Portal – A Complete Job Board plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through...

5.9CVSS

6.8AI Score

0.0004EPSS

2024-06-21 12:40 PM
1
vulnrichment
vulnrichment

CVE-2024-35761 WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.4.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in vCita Online Booking & Scheduling Calendar for WordPress by vcita allows Stored XSS.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through...

6.5CVSS

6.9AI Score

0.0004EPSS

2024-06-21 12:38 PM
1
cvelist
cvelist

CVE-2024-35761 WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.4.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in vCita Online Booking & Scheduling Calendar for WordPress by vcita allows Stored XSS.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through...

6.5CVSS

0.0004EPSS

2024-06-21 12:38 PM
4
cvelist
cvelist

CVE-2024-35762 WordPress Serious Slider plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cryout Creations Serious Slider allows Stored XSS.This issue affects Serious Slider: from n/a through...

6.5CVSS

0.0004EPSS

2024-06-21 12:35 PM
2
vulnrichment
vulnrichment

CVE-2024-35762 WordPress Serious Slider plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cryout Creations Serious Slider allows Stored XSS.This issue affects Serious Slider: from n/a through...

6.5CVSS

6.8AI Score

0.0004EPSS

2024-06-21 12:35 PM
cvelist
cvelist

CVE-2024-35763 WordPress Excellent theme <= 1.2.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Freesia Excellent allows Stored XSS.This issue affects Excellent: from n/a through...

6.5CVSS

0.0004EPSS

2024-06-21 12:34 PM
3
cvelist
cvelist

CVE-2024-35764 WordPress Church Admin plugin <= 4.4.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Andy Moyle Church Admin allows Stored XSS.This issue affects Church Admin: from n/a through...

6.5CVSS

0.0004EPSS

2024-06-21 12:33 PM
4
vulnrichment
vulnrichment

CVE-2024-35764 WordPress Church Admin plugin <= 4.4.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Andy Moyle Church Admin allows Stored XSS.This issue affects Church Admin: from n/a through...

6.5CVSS

6.8AI Score

0.0004EPSS

2024-06-21 12:33 PM
1
kitploit
kitploit

Extrude - Analyse Binaries For Missing Security Features, Information Disclosure And More...

Analyse binaries for missing security features, information disclosure and more. Extrude is in the early stages of development, and currently only supports ELF and MachO binaries. PE (Windows) binaries will be supported soon. Usage Usage: extrude [flags] [file] Flags: -a,...

7AI Score

2024-06-21 12:30 PM
4
vulnrichment
vulnrichment

CVE-2024-35766 WordPress WPPizza – A Restaurant Plugin plugin <= 3.18.13 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ollybach WPPizza allows Reflected XSS.This issue affects WPPizza: from n/a through...

7.1CVSS

7AI Score

0.0005EPSS

2024-06-21 12:28 PM
2
cvelist
cvelist

CVE-2024-35766 WordPress WPPizza – A Restaurant Plugin plugin <= 3.18.13 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ollybach WPPizza allows Reflected XSS.This issue affects WPPizza: from n/a through...

7.1CVSS

0.0005EPSS

2024-06-21 12:28 PM
3
cvelist
cvelist

CVE-2024-35768 WordPress Page Builder: Live Composer plugin <= 1.5.42 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through...

5.9CVSS

0.0004EPSS

2024-06-21 12:27 PM
3
vulnrichment
vulnrichment

CVE-2024-35768 WordPress Page Builder: Live Composer plugin <= 1.5.42 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through...

5.9CVSS

6.8AI Score

0.0004EPSS

2024-06-21 12:27 PM
1
nvd
nvd

CVE-2024-5058

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper Typing Text allows Stored XSS.This issue affects Typing Text: from n/a through...

5.4CVSS

0.0004EPSS

2024-06-21 12:15 PM
5
cve
cve

CVE-2024-5058

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper Typing Text allows Stored XSS.This issue affects Typing Text: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-21 12:15 PM
20
nvd
nvd

CVE-2024-35779

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through...

5.4CVSS

0.0004EPSS

2024-06-21 12:15 PM
2
cve
cve

CVE-2024-35769

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in John West Slideshow SE allows Stored XSS.This issue affects Slideshow SE: from n/a through...

5.9CVSS

5.7AI Score

0.0004EPSS

2024-06-21 12:15 PM
20
nvd
nvd

CVE-2024-35769

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in John West Slideshow SE allows Stored XSS.This issue affects Slideshow SE: from n/a through...

4.8CVSS

0.0004EPSS

2024-06-21 12:15 PM
2
cve
cve

CVE-2024-35779

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-21 12:15 PM
19
nvd
nvd

CVE-2024-35774

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in D’arteweb DImage 360 allows Stored XSS.This issue affects DImage 360: from n/a through...

5.4CVSS

0.0004EPSS

2024-06-21 12:15 PM
2
cve
cve

CVE-2024-35774

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in D’arteweb DImage 360 allows Stored XSS.This issue affects DImage 360: from n/a through...

6.5CVSS

6.5AI Score

0.0004EPSS

2024-06-21 12:15 PM
20
vulnrichment
vulnrichment

CVE-2024-35769 WordPress Slideshow SE plugin <= 2.5.17 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in John West Slideshow SE allows Stored XSS.This issue affects Slideshow SE: from n/a through...

5.9CVSS

6.7AI Score

0.0004EPSS

2024-06-21 12:07 PM
cvelist
cvelist

CVE-2024-35769 WordPress Slideshow SE plugin <= 2.5.17 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in John West Slideshow SE allows Stored XSS.This issue affects Slideshow SE: from n/a through...

5.9CVSS

0.0004EPSS

2024-06-21 12:07 PM
2
vulnrichment
vulnrichment

CVE-2024-35774 WordPress DImage 360 plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in D’arteweb DImage 360 allows Stored XSS.This issue affects DImage 360: from n/a through...

6.5CVSS

6.8AI Score

0.0004EPSS

2024-06-21 12:05 PM
cvelist
cvelist

CVE-2024-35774 WordPress DImage 360 plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in D’arteweb DImage 360 allows Stored XSS.This issue affects DImage 360: from n/a through...

6.5CVSS

0.0004EPSS

2024-06-21 12:05 PM
3
talosblog
talosblog

Unveiling SpiceRAT: SneakyChef's latest tool targeting EMEA and Asia

Cisco Talos discovered a new remote access trojan (RAT) dubbed SpiceRAT, used by the threat actor SneakyChef in a recent campaign targeting government agencies in EMEA and Asia. We observed that SneakyChef launched a phishing campaign, sending emails delivering SugarGh0st and SpiceRAT with the...

7.5AI Score

2024-06-21 12:00 PM
5
cvelist
cvelist

CVE-2024-35779 WordPress Page Builder: Live Composer plugin <= 1.5.42 - Contributor+ Shortcode Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Live Composer Team Page Builder: Live Composer allows Stored XSS.This issue affects Page Builder: Live Composer: from n/a through...

6.5CVSS

0.0004EPSS

2024-06-21 11:40 AM
4
vulnrichment
vulnrichment

CVE-2024-5058 WordPress Typing Text plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper Typing Text allows Stored XSS.This issue affects Typing Text: from n/a through...

6.5CVSS

6.8AI Score

0.0004EPSS

2024-06-21 11:37 AM
1
cvelist
cvelist

CVE-2024-5058 WordPress Typing Text plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper Typing Text allows Stored XSS.This issue affects Typing Text: from n/a through...

6.5CVSS

0.0004EPSS

2024-06-21 11:37 AM
3
githubexploit
githubexploit

Exploit for Unrestricted Upload of File with Dangerous Type in Wpallimport Wp All Import

WordPress Plugin WP All Import &lt;= 3.6.7 - Thực thi mã từ xa...

7.2CVSS

7.1AI Score

0.015EPSS

2024-06-21 11:08 AM
114
cve
cve

CVE-2024-6027

The Themify – WooCommerce Product Filter plugin for WordPress is vulnerable to time-based SQL Injection via the ‘conditions’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

9.8CVSS

9.7AI Score

0.001EPSS

2024-06-21 10:15 AM
23
nvd
nvd

CVE-2024-6027

The Themify – WooCommerce Product Filter plugin for WordPress is vulnerable to time-based SQL Injection via the ‘conditions’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

7.5CVSS

0.001EPSS

2024-06-21 10:15 AM
2
Total number of security vulnerabilities409184