438 matches found
WordPress Jeg Elementor Kit Plugin <= 2.6.9 is vulnerable to Cross Site Scripting (XSS)
Software Jeg Elementor Kit Type Plugin Vulnerable versions = 2.6.9 Fixed in 2.6.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10308 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7709d157b72c Credits zer0gh0st Required...
WordPress Product Table for WooCommerce Plugin <= 3.5.1 is vulnerable to Sensitive Data Exposure
Software Product Table for WooCommerce Type Plugin Vulnerable versions = 3.5.1 Fixed in 3.5.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-10813 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 157ba908784e Credits Nathan...
WordPress IceStats Plugin <= 1.3 is vulnerable to Cross Site Request Forgery (CSRF)
Software IceStats Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-53724 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 228e60432718 Credits SOPROBRO Required privilege...
WordPress Tutor LMS Plugin <= 2.7.6 is vulnerable to Broken Access Control
Software Tutor LMS Type Plugin Vulnerable versions = 2.7.6 Fixed in 2.7.7 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Access Control CVE CVE-2024-10393 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 196d31d95c65 Credits 1337Wannabe...
WordPress Jobify - Job Board WordPress Theme Theme <= 4.2.3 is vulnerable to Cross Site Scripting (XSS)
Software Jobify - Job Board WordPress Theme Type Theme Vulnerable versions = 4.2.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52478 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1dc3663080eb Credits Ananda Dhakal Patchsta...
WordPress nBlocks Plugin <= 1.0.2 is vulnerable to Local File Inclusion
Software nBlocks Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-52450 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID d4618b9386b6 Credits João Pedro S Alcântara Kinorth Required...
WordPress Customer Reviews for WooCommerce Plugin <= 5.61.0 is vulnerable to Broken Access Control
Software Customer Reviews for WooCommerce Type Plugin Vulnerable versions = 5.61.0 Fixed in 5.62.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10614 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ce10b4d9cbd7 Credits incognito...
WordPress Simple Local Avatars Plugin <= 2.7.11 is vulnerable to Broken Access Control
Software Simple Local Avatars Type Plugin Vulnerable versions = 2.7.11 Fixed in 2.8.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10786 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 717b24faeea4 Credits Trương Hữu Phúc...
WordPress Redirecter Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Software Redirecter Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51855 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID dfdafabcd66b Credits SOPROBRO Required privilege Contributor Publish...
WordPress Trendy Restaurant Menu Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Trendy Restaurant Menu Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51796 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5538c79e9ace Credits SOPROBRO Required privilege...
WordPress Pro Addons For Elementor Plugin <= 1.5.0 is vulnerable to Cross Site Scripting (XSS)
Software Pro Addons For Elementor Type Plugin Vulnerable versions = 1.5.0 Fixed in 1.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51812 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b0c22c1328af Credits Gab Required privilege...
WordPress IA Map Analytics Basic Plugin <= 20170413 is vulnerable to Cross Site Scripting (XSS)
Software IA Map Analytics Basic Type Plugin Vulnerable versions = 20170413 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51937 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4ee8dd041e2f Credits SOPROBRO Required privilege...
WordPress Custom URL Shortener Plugin <= 0.3.6 is vulnerable to Cross Site Scripting (XSS)
Software Custom URL Shortener Type Plugin Vulnerable versions = 0.3.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51930 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 721373a7389e Credits SOPROBRO Required privilege...
WordPress Elementor – Header, Footer & Blocks Template Plugin <= 1.6.45 is vulnerable to Cross Site Scripting (XSS)
Software Elementor – Header, Footer & Blocks Template Type Plugin Vulnerable versions = 1.6.45 Fixed in 1.6.46 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10325 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 3bcf490aa26b...
WordPress W3P SEO Plugin < 1.8.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software W3P SEO Type Plugin Vulnerable versions 1.8.6 Fixed in 1.8.6 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-51684 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 58f497ee049b Credits SOPROBRO Required privilege...
WordPress MPG Plugin <= 4.0.1 is vulnerable to Broken Access Control
Software MPG Type Plugin Vulnerable versions = 4.0.1 Fixed in 4.0.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-7424 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 61dc998feee8 Credits Rafshanzani Suhada Required privilege...
WordPress ID-SK Toolkit Plugin <= 1.7.2 is vulnerable to Cross Site Scripting (XSS)
Software ID-SK Toolkit Type Plugin Vulnerable versions = 1.7.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50517 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8f37480f4086 Credits Gab Required privilege Contributor Publish...
WordPress Selection Lite Plugin <= 1.13 is vulnerable to Cross Site Scripting (XSS)
Software Selection Lite Type Plugin Vulnerable versions = 1.13 Fixed in 1.14 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50445 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d19a34cff88e Credits João Pedro S Alcântara Kinorth Required...
WordPress WordPress Meta Data and Taxonomies Filter (MDTF) Plugin <= 1.3.3.4 is vulnerable to Cross Site Scripting (XSS)
Software WordPress Meta Data and Taxonomies Filter MDTF Type Plugin Vulnerable versions = 1.3.3.4 Fixed in 1.3.3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50451 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0f23dd4816a6 Credits...
WordPress Schema & Structured Data for WP & AMP Plugin <= 1.3.5 is vulnerable to Sensitive Data Exposure
Software Schema & Structured Data for WP & AMP Type Plugin Vulnerable versions = 1.3.5 Fixed in 1.36 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-49683 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID fb194b3fd454 Credits Joshua...