Total
30620 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-29818 | 2024-11-21 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Poll Maker & Voting Plugin Team (InfoTheme) WP Poll Maker allows Stored XSS.This issue affects WP Poll Maker: from n/a through 3.1. | |||||
| CVE-2024-29817 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SERVIT Software Solutions affiliate-toolkit allows Stored XSS.This issue affects affiliate-toolkit: from n/a through 3.4.5. | |||||
| CVE-2024-29816 | 2024-11-21 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in htdat Woo Viet allows Stored XSS.This issue affects Woo Viet: from n/a through 1.5.2. | |||||
| CVE-2024-29815 | 2024-11-21 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aminur Islam WP Change Email Sender allows Stored XSS.This issue affects WP Change Email Sender: from n/a before 1.3.0. | |||||
| CVE-2024-29814 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CurrencyRate.Today Exchange Rates Widget allows Stored XSS.This issue affects Exchange Rates Widget: from n/a through 1.4.0. | |||||
| CVE-2024-29813 | 2024-11-21 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CartFlows Inc. Funnel Builder by CartFlows allows Stored XSS.This issue affects Funnel Builder by CartFlows: from n/a through 2.0.1. | |||||
| CVE-2024-29812 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ReviewX allows Stored XSS.This issue affects ReviewX: from n/a through 1.6.22. | |||||
| CVE-2024-29811 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftLab Radio Player allows Stored XSS.This issue affects Radio Player: from n/a through 2.0.73. | |||||
| CVE-2024-29810 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| The thumb_url parameter of the AJAX call to the editimage_bwg action of admin-ajax.php is vulnerable to reflected Cross Site Scripting. The value of the thumb_url parameter is embedded within an existing JavaScript within the response allowing arbitrary JavaScript to be inserted and executed. The attacker must target a an authenticated user with permissions to access this component to exploit this issue. | |||||
| CVE-2024-29809 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| The image_url parameter of the AJAX call to the editimage_bwg action of admin-ajax.php is vulnerable to reflected Cross Site Scripting. The value of the image_url parameter is embedded within an existing JavaScript within the response allowing arbitrary JavaScript to be inserted and executed. The attacker must target a an authenticated user with permissions to access this component to exploit this issue. | |||||
| CVE-2024-29808 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| The image_id parameter of the AJAX call to the editimage_bwg action of admin-ajax.php is vulnerable to reflected Cross Site Scripting. The value of the image_id parameter is embedded within an existing JavaScript within the response allowing arbitrary JavaScript to be inserted and executed. The attacker must target a an authenticated user with permissions to access this component to exploit this issue. | |||||
| CVE-2024-29807 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DearHive DearFlip allows Stored XSS.This issue affects DearFlip: from n/a through 2.2.26. | |||||
| CVE-2024-29806 | 2024-11-21 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Reservation Diary ReDi Restaurant Reservation allows Reflected XSS.This issue affects ReDi Restaurant Reservation: from n/a through 24.0128. | |||||
| CVE-2024-29805 | 2024-11-21 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShopUp Shipping with Venipak for WooCommerce allows Reflected XSS.This issue affects Shipping with Venipak for WooCommerce: from n/a through 1.19.5. | |||||
| CVE-2024-29804 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Heateor Fancy Comments WordPress allows Stored XSS.This issue affects Fancy Comments WordPress: from n/a through 1.2.14. | |||||
| CVE-2024-29803 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mehanoid.Pro FlatPM allows Stored XSS.This issue affects FlatPM: from n/a before 3.1.05. | |||||
| CVE-2024-29802 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Antoine Hurkmans Football Pool allows Stored XSS.This issue affects Football Pool: from n/a through 2.11.3. | |||||
| CVE-2024-29801 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Petri Damstén Fullscreen Galleria allows Stored XSS.This issue affects Fullscreen Galleria: from n/a through 1.6.11. | |||||
| CVE-2024-29799 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Epsiloncool WP Fast Total Search allows Stored XSS.This issue affects WP Fast Total Search: from n/a through 1.59.211. | |||||
| CVE-2024-29798 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Appsmav Gratisfaction allows Stored XSS.This issue affects Gratisfaction: from n/a through 4.3.4. | |||||