798 matches found
WordPress WP e-Commerce Style Email Plugin <= 0.6.2 is vulnerable to Cross Site Scripting (XSS)
Software WP e-Commerce Style Email Type Plugin Vulnerable versions = 0.6.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52462 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 22630f6609c8 Credits SOPROBRO Required...
WordPress Weather Atlas Widget Plugin <= 3.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Weather Atlas Widget Type Plugin Vulnerable versions = 3.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52472 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5504e62dc0b7 Credits LVT-tholv2k Required privileg...
WordPress SimpleForm Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)
Software SimpleForm Type Plugin Vulnerable versions = 2.2.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10883 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c9428f96f6e1 Credits Peter Thaleikis Required...
WordPress ReConstruction Theme <= 1.4.7 is vulnerable to Cross Site Scripting (XSS)
Software ReConstruction Type Theme Vulnerable versions = 1.4.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52417 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 09fd48f64288 Credits justakazh Required privilege...
CVE-2024-11112
Use after free in Media in Google Chrome on Windows prior to 131.0.6778.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2024-11113
CVE-2024-11113 affects Google Chrome (Accessibility component). A use-after-free in the Accessibility path prior to Chrome 131.0.6778.69 allowed a remote attacker who had compromised the renderer process to potentially cause heap corruption via a crafted HTML page. The Chrome release notes confir...
WordPress Styler for Ninja Forms Plugin <= 3.3.4 is vulnerable to Settings Change
Software Styler for Ninja Forms Type Plugin Vulnerable versions = 3.3.4 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Settings Change CVE CVE-2024-10717 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 2b68f06a005e Credits...
WordPress Wp-ImageZoom Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)
Software Wp-ImageZoom Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9934 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 48857c949d4e Credits Mohammad Nikouei Requir...
WordPress Don't Break The Code Plugin <= .3.1 is vulnerable to Cross Site Scripting (XSS)
Software Don't Break The Code Type Plugin Vulnerable versions = .3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51779 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e5611bdb41d7 Credits João Pedro S Alcântara Kinorth...
WordPress Subscribe to Comments Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS)
Software Subscribe to Comments Type Plugin Vulnerable versions = 2.3 Fixed in 2.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8792 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e73a4a4fc1e2 Credits vgo0 Required...
WordPress WPAdverts – Classifieds Plugin Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS)
Software WPAdverts – Classifieds Plugin Type Plugin Vulnerable versions = 2.1.6 Fixed in 2.1.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10108 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d98a67dcc148 Credits...
WordPress SEUR Oficial Plugin <= 2.2.11 is vulnerable to Cross Site Scripting (XSS)
Software SEUR Oficial Type Plugin Vulnerable versions = 2.2.11 Fixed in 2.2.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9438 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 09ee4a264f33 Credits vgo0 Required...
WordPress Terms descriptions Plugin <= 3.4.6 is vulnerable to Cross Site Scripting (XSS)
Software Terms descriptions Type Plugin Vulnerable versions = 3.4.6 Fixed in 3.4.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9374 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8fca607d99fe Credits vgo0 Required...
WordPress BP Member Type Manager Plugin <= 1.01 is vulnerable to Cross Site Scripting (XSS)
Software BP Member Type Manager Type Plugin Vulnerable versions = 1.01 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49634 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ae38971a18f4 Credits João Pedro S Alcântara Kinor...
WordPress WP Photo Album Plus Plugin <= 8.8.05.003 is vulnerable to Cross Site Scripting (XSS)
Software WP Photo Album Plus Type Plugin Vulnerable versions = 8.8.05.003 Fixed in 8.8.07.004 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9951 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 361cb23fe9c7 Credits Noah...
CVE-2024-9955
Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2024-9960
Use after free in Dawn in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2024-9959
CVE-2024-9959 affects Google Chrome/Chromium with a Use-After-Free in DevTools prior to 130.0.6723.58. A remote attacker who has compromised the renderer could potentially exploit heap corruption via a crafted Chrome Extension. The issue is associated with the Chromium DevTools component and has ...
WordPress Akismet htaccess writer Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Akismet htaccess writer Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49316 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 909749f57b22 Credits Le Ngoc Anh Required...
WordPress ThemeHunk Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)
Software ThemeHunk Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8433 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID c1773d3ddeac Credits Lucio Sá Required...