Search Results (367124 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-35756 1 Ceikay 1 Tooltip Ck 2024-11-21 5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CeiKay Tooltip CK tooltip-ck allows Stored XSS.This issue affects Tooltip CK: from n/a through 2.2.15.
CVE-2024-35755 1 Eltiempoen 1 Weather Widget Pro 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in El tiempo Weather Widget Pro allows Stored XSS.This issue affects Weather Widget Pro: from n/a through 1.1.40.
CVE-2024-35754 1 Ovic Importer Project 1 Ovic Importer 2024-11-21 7.5 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ovic Team Ovic Importer allows Path Traversal.This issue affects Ovic Importer: from n/a through 1.6.3.
CVE-2024-35752 1 Overclokk 1 Stellissimo Text Box 2024-11-21 5.9 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Enea Overclokk Stellissimo Text Box allows Stored XSS.This issue affects Stellissimo Text Box: from n/a through 1.1.4.
CVE-2024-35750 1 Wpdevart 1 Gallery 2024-11-21 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevart Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3.
CVE-2024-35749 1 Acurax 1 Under Construction \/ Maintenance Mode 2024-11-21 3.7 Low
Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a through 2.6.
CVE-2024-35748 1 Opmc 1 Woocommerce Dropshipping 2024-11-21 5.3 Medium
Missing Authorization vulnerability in OPMC WooCommerce Dropshipping.This issue affects WooCommerce Dropshipping: from n/a through 5.0.4.
CVE-2024-35747 1 Contact Form Builder Project 1 Contact Form Builder 2024-11-21 5.3 Medium
Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form Builder, Contact Widget allows Functionality Bypass.This issue affects Contact Form Builder, Contact Widget: from n/a through 2.1.7.
CVE-2024-35746 2 Buddypress Cover Project, Wordpress 2 Buddypress Cover, Buddypress Cover 2024-11-21 10 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Asghar Hatampoor BuddyPress Cover allows Code Injection.This issue affects BuddyPress Cover: from n/a through 2.1.4.2.
CVE-2024-35745 1 Strategery-migrations Project 1 Strategery-migrations 2024-11-21 7.5 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Gabriel Somoza / Joseph Fitzgibbons Strategery Migrations allows Path Traversal, File Manipulation.This issue affects Strategery Migrations: from n/a through 1.0.
CVE-2024-35744 2 Ravidhu Dissanayake, Upunzipper Project 2 Upunzipper, Upunzipper 2024-11-21 8.6 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ravidhu Dissanayake Upunzipper allows Path Traversal, File Manipulation.This issue affects Upunzipper: from n/a through 1.0.0.
CVE-2024-35743 1 Sc Filechecker Project 1 Sc Filechecker 2024-11-21 8.6 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Siteclean SC filechecker allows Path Traversal, File Manipulation.This issue affects SC filechecker: from n/a through 0.6.
CVE-2024-35742 1 Codeparrots 1 Easy Forms For Mailchimp 2024-11-21 5.3 Medium
Missing Authorization vulnerability in Code Parrots Easy Forms for Mailchimp.This issue affects Easy Forms for Mailchimp: from n/a through 6.9.0.
CVE-2024-35741 1 Getawesomesupport 1 Awesome Support 2024-11-21 4.3 Medium
Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.7.
CVE-2024-35740 1 Themefreesia 1 Pixgraphy 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Freesia Pixgraphy allows Stored XSS.This issue affects Pixgraphy: from n/a through 1.3.8.
CVE-2024-35738 1 Kognetics 1 Kognetiks Chatbot 2024-11-21 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kognetiks Kognetiks Chatbot for WordPress allows Stored XSS.This issue affects Kognetiks Chatbot for WordPress: from n/a through 1.9.8.
CVE-2024-35737 1 Loopus 1 Wp Visitors Tracker 2024-11-21 7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Loopus WP Visitors Tracker allows Reflected XSS.This issue affects WP Visitors Tracker: from n/a through 2.3.
CVE-2024-35736 1 Themeisle 1 Visualizer 2024-11-21 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Visualizer.This issue affects Visualizer: from n/a through 3.11.1.
CVE-2024-35735 1 Codepeople 1 Wp Time Slots Booking Form 2024-11-21 5.3 Medium
Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.11.
CVE-2024-35734 1 Codepeople 1 Wp Time Slots Booking Form 2024-11-21 7.1 High
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodePeople WP Time Slots Booking Form allows Stored XSS.This issue affects WP Time Slots Booking Form: from n/a through 1.2.10.