WordPress Quill Forms Plugin <= 3.7.0 is vulnerable to Cross Site Scripting (XSS)

Software Quill Forms Type Plugin Vulnerable versions = 3.7.0 Fixed in 3.8.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47393 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 34a391a0728b Credits LVT-tholv2k Required privilege Contributor...

WordPress Bold Page Builder Plugin < 5.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Bold Page Builder Type Plugin Vulnerable versions 5.1.1 Fixed in 5.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47391 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6f2249a87cc9 Credits Robert DeVore Required privilege...

WordPress JobSearch Plugin <= 2.5.9 is vulnerable to Cross Site Scripting (XSS)

Software JobSearch Type Plugin Vulnerable versions = 2.5.9 Fixed in 2.6.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47394 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2995ae22faae Credits Bonds Required privilege Unauthenticat...

WordPress Elementor Addon Elements Plugin <= 1.13.6 is vulnerable to Broken Access Control

Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.13.6 Fixed in 1.13.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-47361 Patch priority Low CVSS severity Low 6.5 Developer WPVibes PSID 2e7a1c5b31a1 Credits Rafie Muhammad Patchstack...

WordPress Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin Plugin <= 1.27 is vulnerable to Cross Site Scripting (XSS)

Software Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin Type Plugin Vulnerable versions = 1.27 Fixed in 1.28 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47647 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID aac881dee8e9 Credits...

编号撤回

Simple Spellchecker is a spellchecker module for Node.js by José Personal Developer. This CVE number has been withdrawn...

WordPress Depicter Slider Plugin <= 3.2.2 is vulnerable to Broken Access Control

Software Depicter Slider Type Plugin Vulnerable versions = 3.2.2 Fixed in 3.5.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-47359 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID fe95aaab539d Credits Rafie Muhammad Patchstack...

WordPress Web Directory Free Plugin <= 1.7.3 is vulnerable to Cross Site Scripting (XSS)

Software Web Directory Free Type Plugin Vulnerable versions = 1.7.3 Fixed in 1.7.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47379 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7db5790f7ffc Credits Certus Cybersecurity Required...

WordPress LiteSpeed Cache Plugin <= 6.5.0.2 is vulnerable to Cross Site Scripting (XSS)

Software LiteSpeed Cache Type Plugin Vulnerable versions = 6.5.0.2 Fixed in 6.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47374 Patch priority Medium CVSS severity Medium 7.1 Developer Hai Zheng / Lite Speed Cache PSID b2ad66b394ec Credits TaiYou Required...

WordPress YITH WooCommerce Product Add-Ons Plugin <= 4.13.0 is vulnerable to Cross Site Scripting (XSS)

Software YITH WooCommerce Product Add-Ons Type Plugin Vulnerable versions = 4.13.0 Fixed in 4.13.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47367 Patch priority Medium CVSS severity Medium 7.1 Developer YITH PSID 4f86ebd3a7b4 Credits Le Ngoc Anh Required...

WordPress Elementor Addon Elements Plugin <= 1.13.6 is vulnerable to Cross Site Scripting (XSS)

Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.13.6 Fixed in 1.13.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47366 Patch priority Low CVSS severity Low 6.5 Developer WPVibes PSID e5b93a793554 Credits João Pedro S Alcântara Kinorth...

WordPress Starbox Plugin < 3.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Starbox Type Plugin Vulnerable versions 3.5.3 Fixed in 3.5.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8239 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 03e73e132e18 Credits Dmitrii Ignatyev Required privileg...

WordPress WP-Lister Lite for eBay Plugin <= 3.6.3 is vulnerable to Cross Site Scripting (XSS)

Software WP-Lister Lite for eBay Type Plugin Vulnerable versions = 3.6.3 Fixed in 3.6.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47380 Patch priority Medium CVSS severity Medium 7.1 Developer WP Lab PSID 048f66c74b94 Credits Le Ngoc Anh Required privilege...

WordPress WP MyLinks Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software WP MyLinks Type Plugin Vulnerable versions = 1.0.6 Fixed in 1.0.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47371 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a980ce4c70f6 Credits SOPROBRO Required privilege Editor Publishe...

WordPress Confetti Fall Animation Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Confetti Fall Animation Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47641 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e1b31f88b4d3 Credits stealthcopter Required privilege...

WordPress BuddyForms Plugin <= 2.8.12 is vulnerable to Cross Site Scripting (XSS)

Software BuddyForms Type Plugin Vulnerable versions = 2.8.12 Fixed in 2.8.13 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47377 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9418faef5fbf Credits SOPROBRO Required privilege Editor...

WordPress GTM Server Side Plugin <= 2.1.19 is vulnerable to Cross Site Scripting (XSS)

Software GTM Server Side Type Plugin Vulnerable versions = 2.1.19 Fixed in 2.1.20 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8712 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID cddfd6eae0a1 Credits vgo0 Required...

WordPress WP Bulk Delete Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Bulk Delete Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.3.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47352 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dc28e517fd6c Credits Dimas Maulana Required privilege...

WordPress Premium Blocks – Gutenberg Blocks for WordPress Plugin <= 2.1.33 is vulnerable to Cross Site Scripting (XSS)

Software Premium Blocks – Gutenberg Blocks for WordPress Type Plugin Vulnerable versions = 2.1.33 Fixed in 2.1.34 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47368 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID f6e2745653a5 Credits João Pedro ...

WordPress EU/UK VAT Manager for WooCommerce Plugin <= 2.12.12 is vulnerable to Broken Access Control

Software EU/UK VAT Manager for WooCommerce Type Plugin Vulnerable versions = 2.12.12 Fixed in 2.12.14 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9189 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ca5dfbffbcf9 Credits Francesc...