Latest CVE Feed
-
5.1
MEDIUMCVE-2024-47313
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Catch Themes Catch Base allows Stored XSS.This issue affects Catch Base: from n/a through 3.4.6.... Read more
Affected Products :- Published: Oct. 06, 2024
- Modified: Oct. 07, 2024
-
6.5
MEDIUMCVE-2024-47329
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in QuomodoSoft ElementsReady Addons for Elementor allows Stored XSS.This issue affects ElementsReady Addons for Elementor: from n/a through 6.4.0.... Read more
Affected Products : elementsready- Published: Oct. 06, 2024
- Modified: Oct. 07, 2024
-
6.5
MEDIUMCVE-2024-47626
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Rometheme RomethemeKit For Elementor allows Stored XSS.This issue affects RomethemeKit For Elementor: from n/a through 1.5.0.... Read more
Affected Products : romethemekit_for_elementor- Published: Oct. 05, 2024
- Modified: Oct. 07, 2024
-
6.5
MEDIUMCVE-2024-47382
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webvitaly Page-list allows Stored XSS.This issue affects Page-list: from n/a through 5.6.... Read more
Affected Products :- Published: Oct. 05, 2024
- Modified: Oct. 07, 2024
-
7.1
HIGHCVE-2024-47386
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended allows Reflected XSS.This issue affects The Ultimate WordPress Toolkit – WP Extended: fro... Read more
Affected Products : wp_extended- Published: Oct. 05, 2024
- Modified: Oct. 07, 2024
-
7.1
HIGHCVE-2024-47348
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WaspThemes YellowPencil Visual CSS Style Editor allows Reflected XSS.This issue affects YellowPencil Visual CSS Style Editor: from n/a through 7.6... Read more
Affected Products : yellowpencil- Published: Oct. 06, 2024
- Modified: Oct. 07, 2024
-
7.1
HIGHCVE-2024-47322
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin allows Reflected XSS.This issue affects WP Timeline – Vertical and Horizontal time... Read more
Affected Products :- Published: Oct. 06, 2024
- Modified: Oct. 07, 2024
-
7.1
HIGHCVE-2024-47388
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SliceWP allows Reflected XSS.This issue affects SliceWP: from n/a through 1.1.18.... Read more
Affected Products : affiliate_program_suite- Published: Oct. 05, 2024
- Modified: Oct. 07, 2024
-
6.5
MEDIUMCVE-2024-47629
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through 2.0.5.... Read more
Affected Products : ultimate_store_kit- Published: Oct. 05, 2024
- Modified: Oct. 07, 2024
-
5.9
MEDIUMCVE-2024-44036
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pierre Lebedel Kodex Posts likes allows Stored XSS.This issue affects Kodex Posts likes: from n/a through 2.5.0.... Read more
Affected Products : kodex_posts_likes- Published: Oct. 06, 2024
- Modified: Oct. 07, 2024
-
7.8
HIGHCVE-2024-45245
Diebold Nixdorf – CWE-200: Exposure of Sensitive Information to an Unauthorized Actor... Read more
Affected Products :- Published: Oct. 06, 2024
- Modified: Oct. 07, 2024
-
6.5
MEDIUMCVE-2024-47630
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ElementInvader ElementInvader Addons for Elementor allows Stored XSS.This issue affects ElementInvader Addons for Elementor: from n/a through 1.2.... Read more
Affected Products : elementinvader_addons_for_elementor- Published: Oct. 05, 2024
- Modified: Oct. 07, 2024
-
5.1
MEDIUMCVE-2024-44010
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Catch Themes Full frame allows Stored XSS.This issue affects Full frame: from n/a through 2.7.2.... Read more
Affected Products :- Published: Oct. 06, 2024
- Modified: Oct. 07, 2024
-
5.9
MEDIUMCVE-2024-44040
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Plainware ShiftController Employee Shift Scheduling allows Stored XSS.This issue affects ShiftController Employee Shift Scheduling: from n/a throu... Read more
Affected Products : shiftcontroller- Published: Oct. 06, 2024
- Modified: Oct. 07, 2024
-
9.8
CRITICALCVE-2024-45252
Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Read more
Affected Products :- Published: Oct. 06, 2024
- Modified: Oct. 07, 2024
-
6.5
MEDIUMCVE-2024-44022
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Trustmary Review & testimonial widgets allows Stored XSS.This issue affects Review & testimonial widgets: from n/a through 1.0.5.... Read more
Affected Products :- Published: Oct. 06, 2024
- Modified: Oct. 07, 2024
-
5.3
MEDIUMCVE-2024-47344
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StylemixThemes uListing.This issue affects uListing: from n/a through 2.1.5.... Read more
Affected Products :- Published: Oct. 07, 2024
- Modified: Oct. 07, 2024
-
6.5
MEDIUMCVE-2024-47631
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bPlugins LLC Logo Carousel – Clients logo carousel for WP allows Stored XSS.This issue affects Logo Carousel – Clients logo carousel for WP: from ... Read more
Affected Products :- Published: Oct. 05, 2024
- Modified: Oct. 07, 2024
-
6.5
MEDIUMCVE-2024-47639
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in VdoCipher allows Stored XSS.This issue affects VdoCipher: from n/a through 1.29.... Read more
Affected Products :- Published: Oct. 05, 2024
- Modified: Oct. 07, 2024
-
9.8
CRITICALCVE-2024-45251
Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Read more
Affected Products :- Published: Oct. 06, 2024
- Modified: Oct. 07, 2024