Latest CVE Feed
-
6.5
MEDIUMCVE-2024-50554
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sided Sided allows DOM-Based XSS.This issue affects Sided: from n/a through 1.4.2.... Read more
Affected Products :- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
7.1
HIGHCVE-2024-50533
Cross-Site Request Forgery (CSRF) vulnerability in David Garcia Domain Sharding allows Stored XSS.This issue affects Domain Sharding: from n/a through 1.2.1.... Read more
Affected Products :- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
6.5
MEDIUMCVE-2024-52343
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Offshorent Softwares Pvt. Ltd. | Jinesh.P.V OS Pricing Tables allows Stored XSS.This issue affects OS Pricing Tables: from n/a through 1.2.... Read more
Affected Products :- Published: Nov. 18, 2024
- Modified: Nov. 19, 2024
-
6.5
MEDIUMCVE-2024-52339
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mage Cast Mage Front End Forms allows Stored XSS.This issue affects Mage Front End Forms: from n/a through 1.1.4.... Read more
Affected Products :- Published: Nov. 18, 2024
- Modified: Nov. 19, 2024
-
6.4
MEDIUMCVE-2024-11224
The Parallax Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘position’ parameter in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticate... Read more
Affected Products :- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
0.0
NACVE-2024-50289
In the Linux kernel, the following vulnerability has been resolved: media: av7110: fix a spectre vulnerability As warned by smatch: drivers/staging/media/av7110/av7110_ca.c:270 dvb_ca_ioctl() warn: potential spectre issue 'av7110->ci_slot' [w] (local c... Read more
Affected Products : linux_kernel- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
5.5
MEDIUMCVE-2024-11098
The SVG Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.1.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated... Read more
Affected Products : svg_block- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
7.8
HIGHCVE-2024-10204
Heap-based Buffer Overflow and Uninitialized Variable vulnerabilities exist in the X_B and SAT file reading procedure in eDrawings from Release SOLIDWORKS 2024 through Release SOLIDWORKS 2025. These vulnerabilities could allow an attacker to execute arbit... Read more
Affected Products :- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
7.1
HIGHCVE-2024-51645
Cross-Site Request Forgery (CSRF) vulnerability in Themefuse ThemeFuse Maintenance Mode allows Stored XSS.This issue affects ThemeFuse Maintenance Mode: from n/a through 1.1.3.... Read more
Affected Products :- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
6.5
MEDIUMCVE-2024-51825
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cristopher Ocaña Alert Me! allows DOM-Based XSS.This issue affects Alert Me!: from n/a through 0.4.0.... Read more
Affected Products :- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
7.1
HIGHCVE-2024-51631
Cross-Site Request Forgery (CSRF) vulnerability in Eftakhairul Islam Sticky Social Bar allows Cross Site Request Forgery.This issue affects Sticky Social Bar: from n/a through 2.0.... Read more
Affected Products :- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
4.3
MEDIUMCVE-2024-51686
Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar, Surender Khokhar Manage User Columns allows Cross Site Request Forgery.This issue affects Manage User Columns: from n/a through 1.0.5.... Read more
Affected Products :- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
6.5
MEDIUMCVE-2024-50556
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MD. Mamunur Roshid WM Zoom allows DOM-Based XSS.This issue affects WM Zoom: from n/a through 1.0.... Read more
Affected Products :- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
6.5
MEDIUMCVE-2024-51833
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noman Akhtar Easy Social Sharebar allows Stored XSS.This issue affects Easy Social Sharebar: from n/a through 1.0.0.... Read more
Affected Products :- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
7.1
HIGHCVE-2024-51639
Cross-Site Request Forgery (CSRF) vulnerability in Hints Naver Blog allows Stored XSS.This issue affects Naver Blog: from n/a through 1.0.... Read more
Affected Products :- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
6.5
MEDIUMCVE-2024-51830
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fazilatunnesa News Ticker allows Stored XSS.This issue affects News Ticker: from n/a through 1.0.... Read more
Affected Products : newsticker- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
6.5
MEDIUMCVE-2024-51812
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasim Pro Addons For Elementor allows Stored XSS.This issue affects Pro Addons For Elementor: from n/a through 1.5.0.... Read more
Affected Products :- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
6.5
MEDIUMCVE-2024-51799
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VBog Bg Patriarchia BU allows DOM-Based XSS.This issue affects Bg Patriarchia BU: from n/a through 2.2.3.... Read more
Affected Products :- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024
-
7.8
HIGHCVE-2024-50804
Insecure Permissions vulnerability in Micro-star International MSI Center Pro 2.1.37.0 allows a local attacker to execute arbitrary code via the Device_DeviceID.dat.bak file within the C:\ProgramData\MSI\One Dragon Center\Data folder... Read more
Affected Products :- Published: Nov. 18, 2024
- Modified: Nov. 19, 2024
-
6.5
MEDIUMCVE-2024-51819
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tigris – Flexplatform Tigris Flexplatform allows Stored XSS.This issue affects Tigris Flexplatform: from n/a through .0.2.... Read more
Affected Products :- Published: Nov. 19, 2024
- Modified: Nov. 19, 2024