Lucene search
K

2429 matches found

NVD
NVD
added 2024/11/20 4:15 p.m.35 views

CVE-2024-11487

A vulnerability has been found in Code4Berry Decoration Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /decoration/admin/btndatesreport.php of the component Between Dates Reports. The manipulation of the argument fromdate/todate leads to sql...

8.8CVSS0.004EPSS
Exploits0References3
NVD
NVD
added 2024/11/18 11:15 p.m.17 views

CVE-2024-51940

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sohelwpexpert WP Responsive Video my-wp-responsive-video allows DOM-Based XSS.This issue affects WP Responsive Video: from n/a through = 1.0...

6.5CVSS0.00231EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/18 10:17 p.m.18 views

CVE-2024-51940 WordPress WP Responsive Video plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sohelwpexpert WP Responsive Video my-wp-responsive-video allows DOM-Based XSS.This issue affects WP Responsive Video: from n/a through = 1.0...

6.5CVSS0.00231EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/18 10:17 p.m.12 views

CVE-2024-51940 WordPress WP Responsive Video plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in sohelwpexpert WP Responsive Video allows DOM-Based XSS.This issue affects WP Responsive Video: from n/a through 1.0...

6.5CVSS6.9AI score0.00231EPSS
Exploits0References1
CVE
CVE
added 2024/11/18 10:17 p.m.56 views

CVE-2024-51940

CVE-2024-51940 describes a DOM-based Cross-Site Scripting vulnerability in the WordPress plugin WP Responsive Video . The issue is due to improper neutralization of input during Web Page Generation, affecting plugin versions from n/a through 1.0. The connected documents confirm the plugin is vuln...

6.5CVSS7.2AI score0.00231EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/11/18 10:32 a.m.5 views

WordPress AI Responsive Gallery Album plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin AI Responsive Gallery Album versions = 1.4...

7.1CVSS6.1AI score0.0032EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2024/11/18 12:31 a.m.17 views

CVE-2024-11305 Altenergy Power Control Software status_zigbee get_status_zigbee sql injection

A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...

6.5CVSS0.03725EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/11/18 12:0 a.m.3 views

PT-2024-35074 · WordPress · Wp Responsive Video

Name of the Vulnerable Software and Affected Versions: WP Responsive Video versions 1.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows DOM-Based XSS. This means that an attacker cou...

6.5CVSS5.8AI score0.00231EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/11/18 12:0 a.m.14 views

WordPress AI Responsive Gallery Album Plugin <= 1.4 is vulnerable to Cross Site Scripting (XSS)

Software AI Responsive Gallery Album Type Plugin Vulnerable versions = 1.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52467 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 558c5967b587 Credits Le Ngoc Anh Required...

6.5AI score0.0032EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2024/11/18 12:0 a.m.2 views

WordPress plugin WP Responsive Video 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS7.6AI score0.00231EPSS
Exploits0References1
NVD
NVD
added 2024/11/16 10:15 p.m.12 views

CVE-2024-52414

Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu wdes-responsive-mobile-menu allows Object Injection.This issue affects WDES Responsive Mobile Menu: from n/a through = 5.3.18...

9.8CVSS0.00509EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/16 9:22 p.m.18 views

CVE-2024-52414 WordPress WDES Responsive Mobile Menu plugin <= 5.3.18 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu wdes-responsive-mobile-menu allows Object Injection.This issue affects WDES Responsive Mobile Menu: from n/a through = 5.3.18...

9.8CVSS0.00509EPSS
Exploits0References1
CVE
CVE
added 2024/11/15 1:31 p.m.78 views

CVE-2024-11239

CVE-2024-11239 affects Landray EKP up to version 16.0, specifically the API Interface’s deleteFile function at /sys/common/import.do?method=deleteFile. The vulnerability stems from manipulation of the folder argument, enabling path traversal. It can be triggered remotely, and public disclosures e...

5.5CVSS4.9AI score0.01504EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2024/11/13 12:0 a.m.12 views

WordPress WDES Responsive Mobile Menu Plugin <= 5.3.18 is vulnerable to PHP Object Injection

Software WDES Responsive Mobile Menu Type Plugin Vulnerable versions = 5.3.18 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52414 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 3807cf50f771 Credits Mika Required privilege...

9.8CVSS7.2AI score0.00509EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/11/12 2:31 p.m.16 views

CVE-2024-11126 Digistar AG-30 Plus Login Page excessive authentication

A vulnerability was found in Digistar AG-30 Plus 2.6b. It has been classified as problematic. Affected is an unknown function of the component Login Page. The manipulation leads to improper restriction of excessive authentication attempts. The complexity of an attack is rather high. The...

3.1CVSS0.00284EPSS
Exploits0References3
OSV
OSV
added 2024/11/11 6:15 a.m.2 views

CVE-2024-52358

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Cyberchimps Responsive Addons for Elementor allows DOM-Based XSS.This issue affects Responsive Addons for Elementor: from n/a through 1.5.4...

5.4CVSS5.8AI score0.00258EPSS
Exploits0References1
NVD
NVD
added 2024/11/11 6:15 a.m.15 views

CVE-2024-51573

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ersatzpole ML Responsive Audio player with playlist Shortcode mlr-audio allows Stored XSS.This issue affects ML Responsive Audio player with playlist Shortcode: from n/a through = 0.2...

6.5CVSS0.00253EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/11 6:8 a.m.20 views

CVE-2024-52358 WordPress Responsive Addons for Elementor plugin <= 1.5.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CyberChimps Responsive Addons for Elementor responsive-addons-for-elementor allows DOM-Based XSS.This issue affects Responsive Addons for Elementor: from n/a through = 1.5.4...

6.5CVSS0.00258EPSS
Exploits0References1
CVE
CVE
added 2024/11/11 6:8 a.m.53 views

CVE-2024-52358

CVE-2024-52358 : In the WordPress plugin Responsive Addons for Elementor (Free Elementor Addons Plugin and Elementor Templates), an authenticated user can trigger a DOM-based Cross-Site Scripting (XSS) vulnerability through improper input handling during web page generation. Affected: Responsive ...

6.5CVSS7.2AI score0.00258EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/11/11 5:47 a.m.47 views

CVE-2024-51573

CVE-2024-51573 describes a stored XSS in the WordPress plugin ML Responsive Audio player with playlist Shortcode . Affected versions are 0.2 and earlier ; the issue arises from improper neutralization of inputs during web page generation. The provided documents do not include a confirmed fix/patc...

6.5CVSS5.9AI score0.00253EPSS
Exploits0References1
Rows per page
Query Builder