Search Results (363081 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-35712 1 Meowapps 1 Database Cleaner 2024-11-21 4.9 Medium
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Jordy Meow Database Cleaner allows Relative Path Traversal.This issue affects Database Cleaner: from n/a through 1.0.5.
CVE-2024-35711 1 Themefreesia 1 Event 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Freesia Event allows Stored XSS.This issue affects Event: from n/a through 1.2.2.
CVE-2024-35708 1 Apollo13themes 1 Rife Free 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in apollo13themes Rife Free allows Stored XSS.This issue affects Rife Free: from n/a through 2.4.19.
CVE-2024-35707 1 Heateor 1 Social Login 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login allows Stored XSS.This issue affects Heateor Social Login: from n/a through 1.1.32.
CVE-2024-35706 1 Heateor 1 Social Login 2024-11-21 7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login allows Cross-Site Scripting (XSS).This issue affects Heateor Social Login: from n/a through 1.1.32.
CVE-2024-35705 1 Getbutterfly 1 Block For Font Awesome 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ciprian Popescu Block for Font Awesome allows Stored XSS.This issue affects Block for Font Awesome: from n/a through 1.4.4.
CVE-2024-35704 1 Wpblockart 1 Blockart Blocks 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPBlockArt BlockArt Blocks allows Stored XSS.This issue affects BlockArt Blocks: from n/a through 2.1.5.
CVE-2024-35703 1 Sinaextra 1 Sina Extension For Elementor 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SinaExtra Sina Extension for Elementor allows Stored XSS.This issue affects Sina Extension for Elementor: from n/a through 3.5.3.
CVE-2024-35702 1 Master-addons 1 Master Addons 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through 2.0.6.0.
CVE-2024-35701 2 Propertyhive, Wp-property-hive 2 Propertyhive, Propertyhive 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PropertyHive allows Stored XSS.This issue affects PropertyHive: from n/a through 2.0.13.
CVE-2024-35699 1 Hasthemes 1 Ht Feed 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8.
CVE-2024-35697 1 Thimpress 1 Eduma 2024-11-21 7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThimPress Eduma allows Reflected XSS.This issue affects Eduma: from n/a through 5.4.7.
CVE-2024-35695 1 Fahadmahmood 1 Wp Docs 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.1.3.
CVE-2024-35692 1 Termly 1 Gdpr Cookie Consent Banner 2024-11-21 5.3 Medium
Missing Authorization vulnerability in Termly Cookie Consent.This issue affects Cookie Consent: from n/a through 3.2.
CVE-2024-35689 1 Analytify 1 Analytify - Google Analytics Dashboard 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issue affects Analytify: from n/a through 5.2.3.
CVE-2024-35688 1 Master-addons 1 Master Addons 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through 2.0.5.9.
CVE-2024-35687 1 Ylefebvre 1 Link Library 2024-11-21 7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library link-library allows Reflected XSS.This issue affects Link Library: from n/a through 7.6.3.
CVE-2024-35681 1 Gvectors 1 Wpdiscuz 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.18.
CVE-2024-35677 2 Megamenu, Stylemixthemes 2 Max Mega Menu, Mega Menu 2024-11-21 9 Critical
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes MegaMenu allows PHP Local File Inclusion.This issue affects MegaMenu: from n/a through 2.3.12.
CVE-2024-35673 2 Pure Chat By Ruby, Purechat 2 Pure Chat, Pure Chat 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Pure Chat by Ruby Pure Chat.This issue affects Pure Chat: from n/a through 2.22.