Total
30446 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-37623 | 1 Rockoa | 1 Xinhu | 2024-08-02 | 6.1 Medium |
| Xinhu RockOA v2.6.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the /kaoqin/tpl_kaoqin_locationchange.html component. | ||||
| CVE-2024-37466 | 1 Kraftplugins | 1 Mega Elements | 2024-08-02 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements.This issue affects Mega Elements: from n/a through 1.2.2. | ||||
| CVE-2024-37541 | 1 Staxwp | 1 Stax | 2024-08-02 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in StaxWP Elementor Addons, Widgets and Enhancements – Stax allows Stored XSS.This issue affects Elementor Addons, Widgets and Enhancements – Stax: from n/a through 1.4.4.1. | ||||
| CVE-2024-37546 | 1 Oxilab | 1 Image Hover Effects For Elementor With Lightbox And Flipbox | 2024-08-02 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in biplob018 Image Hover Effects - Caption Hover with Carousel allows Stored XSS.This issue affects Image Hover Effects - Caption Hover with Carousel: from n/a through 3.0.2. | ||||
| CVE-2024-37565 | 2024-08-02 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TemeGUM Gum Elementor Addon allows Stored XSS.This issue affects Gum Elementor Addon: from n/a through 1.3.5. | ||||
| CVE-2024-37492 | 2024-08-02 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gutenberg Team Gutenberg allows Stored XSS.This issue affects Gutenberg: from n/a through 18.6.0. | ||||
| CVE-2024-37472 | 1 Xtendify | 1 Woffice | 2024-08-02 | 7.1 High |
| Cross Site Scripting (XSS) vulnerability in WofficeIO Woffice allows Reflected XSS.This issue affects Woffice: from n/a through 5.4.8. | ||||
| CVE-2024-37619 | 1 Strongshop | 1 Strongshop | 2024-08-02 | 7.6 High |
| StrongShop v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the spec_group_id parameter at /spec/index.blade.php. | ||||
| CVE-2024-37512 | 2024-08-02 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Basix NEX-Forms – Ultimate Form Builder allows Stored XSS.This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.5.10. | ||||
| CVE-2024-37515 | 2024-08-02 | 5.8 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Optemiz XPlainer - WooCommerce Product FAQ allows Reflected XSS.This issue affects XPlainer - WooCommerce Product FAQ: from n/a through 1.6.3. | ||||
| CVE-2024-37500 | 2024-08-02 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Stored XSS.This issue affects Beaver Builder: from n/a through 2.8.2.2. | ||||
| CVE-2024-37507 | 2024-08-02 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themewinter Eventin allows Stored XSS.This issue affects Eventin: from n/a through 3.3.57. | ||||
| CVE-2024-37480 | 1 Apollo13themes | 1 Apollo13 Framework Extensions | 2024-08-02 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Apollo13Themes Apollo13 Framework Extensions apollo13-framework-extensions allows Stored XSS.This issue affects Apollo13 Framework Extensions: from n/a through 1.9.3. | ||||
| CVE-2024-37457 | 1 Dotcamp | 1 Ultimate Blocks | 2024-08-02 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ultimate Blocks Ultimate Blocks – Gutenberg Blocks Plugin allows Stored XSS.This issue affects Ultimate Blocks – Gutenberg Blocks Plugin: from n/a through 3.1.9. | ||||
| CVE-2024-37528 | 1 Ibm | 1 Cloud Pak For Business Automation | 2024-08-02 | 4.8 Medium |
| IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, 22.0.2, 23.0.1, and 23.0.2 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 294293. | ||||
| CVE-2024-37562 | 2024-08-02 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BracketSpace Simple Post Notes allows Stored XSS.This issue affects Simple Post Notes: from n/a through 1.7.7. | ||||
| CVE-2024-37563 | 1 Tochat Be | 1 Tochat Be | 2024-08-02 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TOCHAT.BE allows Stored XSS.This issue affects TOCHAT.BE: from n/a through 1.3.0. | ||||
| CVE-2024-37474 | 1 Automattic | 1 Newspack Ads | 2024-08-02 | 6.5 Medium |
| Cross Site Scripting (XSS) vulnerability in Automattic Newspack Ads allows Stored XSS.This issue affects Newspack Ads: from n/a through 1.47.1. | ||||
| CVE-2024-37432 | 1 Themegrill | 1 Esteem | 2024-08-02 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeGrill Esteem allows Stored XSS.This issue affects Esteem: from n/a through 1.5.0. | ||||
| CVE-2024-37460 | 1 Supersaas | 1 Supersaas | 2024-08-02 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SuperSaaS SuperSaaS – online appointment scheduling allows Stored XSS.This issue affects SuperSaaS – online appointment scheduling: from n/a through 2.1.9. | ||||