CVE-2024-51823

CVE-2024-51823 concerns the WordPress plugin Add Ribbon Shortcode (vulnerable up to 1.0.1) and describes a DOM‑Based XSS caused by improper input neutralization during web page generation. The description in the initial document states Cross-site Scripting for Add Ribbon Shortcode and lists affec...

CVE-2024-51824 WordPress Advanced Video Player with Analytics plugin <= 1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Karam Singh Advanced Video Player with Analytics advanced-video-player-with-analytics allows DOM-Based XSS.This issue affects Advanced Video Player with Analytics: from n/a through = 1...

CVE-2024-51825 WordPress Alert Me! plugin <= 0.4.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cristopher Ocaña Alert Me! allows DOM-Based XSS.This issue affects Alert Me!: from n/a through 0.4.0...

CVE-2024-51825

CVE-2024-51825 is a WordPress Alert Me! plugin vulnerability (

CVE-2024-51826

CVE-2024-51826 is a DOM-based XSS in the WordPress Bitcoin Payments plugin up to version 1.4.2 (WordPress plugin). Root cause: improper input neutralization during web page generation. Impact per cited data: cross-site scripting with Low/Medium factors per CVSS (6.5, MEDIUM) across affected Bitco...

CVE-2024-51827

CVE-2024-51827 concerns Boombox Shortcode plugin for WordPress. The connected sources confirm a DOM-based XSS due to improper input neutralization during web page generation, affecting Boombox Shortcode versions n/a through 1.0.0. The vulnerability is categorized as Cross‑Site Scripting with a me...

CVE-2024-51826 WordPress Bitcoin Payments plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in James Turner Bitcoin Payments allows DOM-Based XSS.This issue affects Bitcoin Payments: from n/a through 1.4.2...

CVE-2024-51836

CVE-2024-51836 (Wezido) is a DOM-Based XSS in Teconce Wezido (Wezido: from n/a through 1.2). The issue arises from improper input neutralization during web page generation and affects Wezido versions 1.2 and earlier. Connected PT-2024-34963 indicates a fix exists in a newer version and recommends...

CVE-2024-51836 WordPress Wezido plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in teconce Wezido wezido-elementor-addon-based-on-easy-digital-downloads allows DOM-Based XSS.This issue affects Wezido: from n/a through = 1.2...

CVE-2024-51838

CVE-2024-51838 describes a DOM-based XSS in the WordPress plugin Pull This (by Jon Smajda), affecting versions from n/a through 1.1. The issue is triggered by improper input neutralization during web page generation. The connected documents confirm the vulnerability type and affected plugin, and ...

CVE-2024-51839 WordPress Utech Spinning Earth plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meini Utech Spinning Earth utech-spinning-earth allows DOM-Based XSS.This issue affects Utech Spinning Earth: from n/a through = 1.2...

CVE-2024-51839 WordPress Utech Spinning Earth plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meini Utech Spinning Earth allows DOM-Based XSS.This issue affects Utech Spinning Earth: from n/a through 1.2...

CVE-2024-51839

CVE-2024-51839 – Utech Spinning Earth WordPress plugin exhibits a DOM-based XSS due to improper input neutralization during web page generation. Affected: Utech Spinning Earth versions up to 1.2 (and earlier). Public details across sources consistently describe the issue as Cross-Site Scripting w...

CVE-2024-51840

CVE-2024-51840 is a DOM-based XSS in the WordPress plugin Wd-image-magnifier-xoss by Rezaul Haque, affecting versions “from n/a through 1.0.” The description cites “Improper Neutralization of Input During Web Page Generation,” indicating that unsafe input handling in page rendering enables cross-...

CVE-2024-51841

CVE-2024-51841 is a DOM-based XSS in the ThemeNcode File Select Control For Elementor. Root cause: improper input neutralization during web page generation. Affected: File Select Control For Elementor versions

CVE-2024-51842 WordPress Image Carousel Shortcode plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sazzad Hu Image Carousel Shortcode allows DOM-Based XSS.This issue affects Image Carousel Shortcode: from n/a through 1.2...

CVE-2024-51842

CVE-2024-51842 involves the WordPress plugin “Image Carousel Shortcode.” The vulnerability is a DOM-based XSS caused by improper input neutralization during web page generation, affecting Image Carousel Shortcode versions up to 1.2. The provided documents do not specify exploitation status, impac...

CVE-2024-51851 WordPress best bootstrap widgets for elementor plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in salehattari best bootstrap widgets for elementor best-bootstrap-widgets-for-elementor allows DOM-Based XSS.This issue affects best bootstrap widgets for elementor: from n/a through = 1.0...

CVE-2024-51851 WordPress best bootstrap widgets for elementor plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in salehattari best bootstrap widgets for elementor best-bootstrap-widgets-for-elementor allows DOM-Based XSS.This issue affects best bootstrap widgets for elementor: from n/a through = 1.0...

CVE-2024-51851

CVE-2024-51851 is a cross-site scripting vulnerability in the WordPress plugin Best Bootstrap Widgets for Elementor (versions up to 1.0). The issue stems from improper input neutralization during web page generation, enabling DOM-based XSS. The connected sources indicate the plugin is affected up...