Total
30620 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-29765 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alireza Sedghi Aparat for WordPress allows Stored XSS.This issue affects Aparat for WordPress: from n/a through 2.2.0. | |||||
| CVE-2024-29764 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Molongui allows Stored XSS.This issue affects Molongui: from n/a through 4.7.7. | |||||
| CVE-2024-29763 | 2024-11-21 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Reflected XSS.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3. | |||||
| CVE-2024-29762 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) allows Stored XSS.This issue affects Off-Canvas Sidebars & Menus (Slidebars): from n/a through 0.5.8.1. | |||||
| CVE-2024-29761 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Krunal Prajapati WP Post Disclaimer allows Stored XSS.This issue affects WP Post Disclaimer: from n/a through 1.0.3. | |||||
| CVE-2024-29760 | 2024-11-21 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl LLC Booster for WooCommerce allows Reflected XSS.This issue affects Booster for WooCommerce: from n/a through 7.1.7. | |||||
| CVE-2024-29759 | 2024-11-21 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodePeople Calculated Fields Form allows Reflected XSS.This issue affects Calculated Fields Form: from n/a through 1.2.54. | |||||
| CVE-2024-29758 | 2024-11-21 | N/A | 7.1 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kienso Co-marquage service-public.Fr allows Reflected XSS.This issue affects Co-marquage service-public.Fr: from n/a through 0.5.72. | |||||
| CVE-2024-29660 | 2024-11-21 | N/A | 5.3 MEDIUM | ||
| Cross Site Scripting vulnerability in DedeCMS v.5.7 allows a local attacker to execute arbitrary code via a crafted payload to the stepselect_main.php component. | |||||
| CVE-2024-29504 | 2024-11-21 | N/A | 7.6 HIGH | ||
| Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter. | |||||
| CVE-2024-29474 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the User Management module. | |||||
| CVE-2024-29472 | 1 Zhyd | 1 Oneblog | 2024-11-21 | N/A | 5.4 MEDIUM |
| OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Privilege Management module. | |||||
| CVE-2024-29471 | 1 Zhyd | 1 Oneblog | 2024-11-21 | N/A | 5.4 MEDIUM |
| OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Notice Manage module. | |||||
| CVE-2024-29470 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
| OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component {{rootpath}}/links. | |||||
| CVE-2024-29469 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
| A stored cross-site scripting (XSS) vulnerability in OneBlog v2.3.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category List parameter under the Lab module. | |||||
| CVE-2024-29413 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| Cross Site Scripting vulnerability in Webasyst v.2.9.9 allows a remote attacker to run arbitrary code via the Instant messenger field in the Contact info function. | |||||
| CVE-2024-29392 | 2024-11-21 | N/A | 5.4 MEDIUM | ||
| Silverpeas Core 6.3 is vulnerable to Cross Site Scripting (XSS) via ClipboardSessionController. | |||||
| CVE-2024-29374 | 2024-11-21 | N/A | 6.1 MEDIUM | ||
| A Cross-Site Scripting (XSS) vulnerability exists in the way MOODLE 3.10.9 handles user input within the "GET /?lang=" URL parameter. | |||||
| CVE-2024-29318 | 1 Personal-management-system | 1 Personal Management System | 2024-11-21 | N/A | 5.4 MEDIUM |
| Volmarg Personal Management System 1.4.64 is vulnerable to stored cross site scripting (XSS) via upload of a SVG file with embedded javascript code. | |||||
| CVE-2024-29278 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| funboot v1.1 is vulnerable to Cross Site Scripting (XSS) via the title field in "create a message ." | |||||