Search Results (363090 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-35776 1 Exeebit 1 Phpinfo-wp 2024-11-21 5.3 Medium
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exeebit phpinfo() WP.This issue affects phpinfo() WP: from n/a through 5.0.
CVE-2024-35774 1 Darteweb 1 Dimage 360 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in D’arteweb DImage 360 allows Stored XSS.This issue affects DImage 360: from n/a through 2.0.
CVE-2024-35772 1 Presscustomizr 1 Hueman 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Hueman.This issue affects Hueman: from n/a through 3.7.24.
CVE-2024-35771 1 Presscustomizr 1 Customizr 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Customizr.This issue affects Customizr: from n/a through 4.4.21.
CVE-2024-35770 1 Davekiss 1 Vimeography 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Dave Kiss Vimeography: Vimeo Video Gallery WordPress Plugin.This issue affects Vimeography: Vimeo Video Gallery WordPress Plugin: from n/a through 2.4.1.
CVE-2024-35767 2 Bogdan Bendziukov, Squeeze Project 2 Squeeze, Squeeze 2024-11-21 9.1 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Bogdan Bendziukov Squeeze allows Code Injection.This issue affects Squeeze: from n/a through 1.4.
CVE-2024-35766 1 Wp-pizza 1 Wppizza 2024-11-21 7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ollybach WPPizza allows Reflected XSS.This issue affects WPPizza: from n/a through 3.18.13.
CVE-2024-35763 1 Themefreesia 1 Excellent 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Freesia Excellent allows Stored XSS.This issue affects Excellent: from n/a through 1.2.9.
CVE-2024-35762 1 Cryoutcreations 1 Serious Slider 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cryout Creations Serious Slider allows Stored XSS.This issue affects Serious Slider: from n/a through 1.2.4.
CVE-2024-35758 1 Themehorse 1 Interface 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Horse Interface allows Stored XSS.This issue affects Interface: from n/a through 3.1.0.
CVE-2024-35757 1 5starplugins 1 Easy Age Verify 2024-11-21 5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in 5 Star Plugins Easy Age Verify allows Stored XSS.This issue affects Easy Age Verify: from n/a through 1.8.2.
CVE-2024-35756 1 Ceikay 1 Tooltip Ck 2024-11-21 5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CeiKay Tooltip CK tooltip-ck allows Stored XSS.This issue affects Tooltip CK: from n/a through 2.2.15.
CVE-2024-35755 1 Eltiempoen 1 Weather Widget Pro 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in El tiempo Weather Widget Pro allows Stored XSS.This issue affects Weather Widget Pro: from n/a through 1.1.40.
CVE-2024-35754 1 Ovic Importer Project 1 Ovic Importer 2024-11-21 7.5 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ovic Team Ovic Importer allows Path Traversal.This issue affects Ovic Importer: from n/a through 1.6.3.
CVE-2024-35752 1 Overclokk 1 Stellissimo Text Box 2024-11-21 5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Enea Overclokk Stellissimo Text Box allows Stored XSS.This issue affects Stellissimo Text Box: from n/a through 1.1.4.
CVE-2024-35750 1 Wpdevart 1 Gallery 2024-11-21 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevart Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3.
CVE-2024-35749 1 Acurax 1 Under Construction \/ Maintenance Mode 2024-11-21 3.7 Low
Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a through 2.6.
CVE-2024-35748 1 Opmc 1 Woocommerce Dropshipping 2024-11-21 5.3 Medium
Missing Authorization vulnerability in OPMC WooCommerce Dropshipping.This issue affects WooCommerce Dropshipping: from n/a through 5.0.4.
CVE-2024-35747 1 Contact Form Builder Project 1 Contact Form Builder 2024-11-21 5.3 Medium
Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form Builder, Contact Widget allows Functionality Bypass.This issue affects Contact Form Builder, Contact Widget: from n/a through 2.1.7.
CVE-2024-35746 2 Buddypress Cover Project, Wordpress 2 Buddypress Cover, Buddypress Cover 2024-11-21 10 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Asghar Hatampoor BuddyPress Cover allows Code Injection.This issue affects BuddyPress Cover: from n/a through 2.1.4.2.