CVE-2024-41240

A Reflected Cross Site Scripting XSS vulnerability was found in " /smsa/teacherlogin.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via the "error" parameter...

CVE-2024-41244

An Incorrect Access Control vulnerability was found in /smsa/viewclass.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view CLASS details...

CVE-2024-32142

Missing Authorization vulnerability in Ovic Team Ovic Responsive WPBakery.This issue affects Ovic Responsive WPBakery: from n/a through 1.3.0...

CVE-2024-37542

Missing Authorization vulnerability in WpDevArt Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3...

CVE-2024-1664

The Responsive Gallery Grid WordPress plugin before 2.3.11 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-30552

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wppdf.Org Responsive flipbook allows Stored XSS.This issue affects Responsive flipbook: from n/a through 1.0.0...

CVE-2024-31120

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Stored XSS.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3...

CVE-2024-27989

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs allows Stored XSS.This issue affects WP Responsive Tabs horizontal vertical and accordion Tabs: from n/a through...

CVE-2024-24802

Cross-Site Request Forgery CSRF vulnerability in John Tendik JTRT Responsive Tables.This issue affects JTRT Responsive Tables: from n/a through 4.1.9...

CVE-2024-5222

The Responsive Addons – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme. plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file uploader in all versions up to, and including, 3.0.5 due to insufficient input sanitization and output...

CVE-2024-56011

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ilja Zaglov Responsive Google Maps | by imbaa responsive-google-maps allows Stored XSS.This issue affects Responsive Google Maps | by imbaa: from n/a through = 1.2.5...

CVE-2024-31252

Missing Authorization vulnerability in dFactory Responsive Lightbox.This issue affects Responsive Lightbox: from n/a through 2.4.6...

CVE-2024-49280

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Weblizar - WordPress Themes & Plugin Lightbox slider – Responsive Lightbox Gallery simple-lightbox-gallery allows Stored XSS.This issue affects Lightbox slider – Responsive Lightbox Gallery: from n...

CVE-2024-49282

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dFactory Responsive Lightbox responsive-lightbox allows Stored XSS.This issue affects Responsive Lightbox: from n/a through = 2.4.8...

CVE-2024-1846

The Responsive Tabs WordPress plugin before 4.0.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2024-10379

A vulnerability classified as problematic was found in ESAFENET CDG 5. Affected by this vulnerability is the function actionViewDecyptFile of the file /com/esafenet/servlet/client/DecryptApplicationService.java. The manipulation of the argument decryptFileId with the input...

CVE-2024-12268

The Responsive Blocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'responsive-block-editor-addons/portfolio' block in all versions up to, and including, 1.9.7 due to insufficient input sanitization and output escaping. This makes it...

CVE-2024-51573

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ersatzpole ML Responsive Audio player with playlist Shortcode mlr-audio allows Stored XSS.This issue affects ML Responsive Audio player with playlist Shortcode: from n/a through = 0.2...

CVE-2024-6870

The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping affecting the rluploadimage AJAX endpoint. This makes it possible for...

CVE-2024-11963

A vulnerability, which was classified as critical, has been found in code-projects Responsive Hotel Site 1.0. Affected by this issue is some unknown functionality of the file /admin/room.php. The manipulation of the argument troom leads to sql injection. The attack may be launched remotely. The...