67 matches found
CVE-2024-39648
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themewinter Eventin allows Stored XSS.This issue affects Eventin: from n/a through 4.0.5...
CVE-2024-39648
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themewinter Eventin allows Stored XSS.This issue affects Eventin: from n/a through 4.0.5...
CVE-2024-37507
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themewinter Eventin allows Stored XSS.This issue affects Eventin: from n/a through 3.3.57...
CVE-2024-37507
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Themewinter Eventin allows Stored XSS.This issue affects Eventin: from n/a through 3.3.57...
CVE-2024-37507
CVE-2024-37507 is a stored XSS in the Themewinter Eventin WordPress plugin, affecting Eventin versions up to 3.3.57. Root cause: Improper neutralization of input during web page generation. Exploitation requires authentication; impact is stored XSS on affected pages. Remediation: update to a fixe...
CVE-2024-37513
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Themewinter WPCafe allows Path Traversal.This issue affects WPCafe: from n/a through 2.2.27...
CVE-2024-37513
CVE-2024-37513: Affected software is Themewinter WPCafe (WordPress plugin) with versions from n/a up to 2.2.27. The root cause is improper limitation of a pathname to a restricted directory, enabling a Path Traversal vulnerability. This could potentially allow an attacker to access restricted fil...