Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2024-35699 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8. | 6.5 | MEDIUM | β | 0 |
| CVE-2024-35701 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PropertyHive allows Stored XSS.This issue affects PropertyHive: from n/a through 2.0.13. | 6.5 | MEDIUM | β | 0 |
| CVE-2024-35702 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons ... | 6.5 | MEDIUM | β | 0 |
| CVE-2024-35703 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SinaExtra Sina Extension for Elementor allows Stored XSS.This issue affects Sina Extension ... | 6.5 | MEDIUM | β | 0 |
| CVE-2024-35704 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPBlockArt BlockArt Blocks allows Stored XSS.This issue affects BlockArt Blocks: from n/a t... | 6.5 | MEDIUM | β | 0 |
| CVE-2024-35705 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ciprian Popescu Block for Font Awesome allows Stored XSS.This issue affects Block for Font ... | 6.5 | MEDIUM | β | 0 |
| CVE-2024-35706 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login allows Cross-Site Scripting (XSS).This issue affects Heat... | 7.1 | HIGH | β | 0 |
| CVE-2024-35657 Cross-Site Request Forgery (CSRF) vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.6. | 5.4 | MEDIUM | β | 0 |
| CVE-2024-21748 Missing Authorization vulnerability in Icegram.This issue affects Icegram: from n/a through 3.1.21. | 4.3 | MEDIUM | β | 0 |
| CVE-2024-4146 In lunary-ai/lunary version v1.2.13, an incorrect authorization vulnerability exists that allows unauthorized users to access and manipulate projects within an organization they should not have access... | 9.8 | CRITICAL | β | 0 |
| CVE-2024-4680 A vulnerability in zenml-io/zenml version 0.56.3 allows attackers to reuse old session credentials or session IDs due to insufficient session expiration. Specifically, the session does not expire afte... | 8.8 | HIGH | β | 0 |
| CVE-2024-5771 A vulnerability classified as critical was found in LabVantage LIMS 2017. This vulnerability affects unknown code of the file /labvantage/rc?command=page&page=SampleList&_iframename=list of the compon... | 6.3 | MEDIUM | β | 0 |
| CVE-2024-5774 A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the compone... | 7.3 | HIGH | β | 0 |
| CVE-2024-5775 A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updatebill.php. The manipulation ... | 6.3 | MEDIUM | β | 0 |
| CVE-2023-51494 Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.1. | 5.3 | MEDIUM | β | 0 |
| CVE-2023-52230 Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.3. | 6.5 | MEDIUM | β | 0 |
| CVE-2023-52232 Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.2. | 6.5 | MEDIUM | β | 0 |
| CVE-2006-1229 SQL injection vulnerability in search.asp in Hosting Controller 6.1 (Hotfix 2.9) allows remote attackers to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this infor... | N/A | NONE | β | 0 |
| CVE-2024-30537 Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce.This issue affects WPC Badge Management for WooCommerce: from n/a through 2.4.0. | 4.3 | MEDIUM | β | 0 |
| CVE-2024-30538 Missing Authorization vulnerability in DELUCKS GmbH DELUCKS SEO.This issue affects DELUCKS SEO: from n/a through 2.5.4. | 5.3 | MEDIUM | β | 0 |
| CVE-2024-30539 Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.7. | 5.3 | MEDIUM | β | 0 |
| CVE-2024-31098 Missing Authorization vulnerability in Mr.Ebabi New Order Notification for Woocommerce.This issue affects New Order Notification for Woocommerce: from n/a through 2.0.2. | 8.1 | HIGH | β | 0 |
| CVE-2025-59588 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PenciDesign Soledad soledad allows PHP Local File Inclusion.This issue affects ... | 7.5 | HIGH | β | 0 |
| CVE-2024-31294 Missing Authorization vulnerability in Fahad Mahmood WP Sort Order.This issue affects WP Sort Order: from n/a through 1.3.1. | 4.3 | MEDIUM | β | 0 |
| CVE-2023-23639 Missing Authorization vulnerability in MainWP MainWP Staging Extension.This issue affects MainWP Staging Extension: from n/a through 4.0.3. | 5.4 | MEDIUM | β | 0 |
| CVE-2023-23640 Missing Authorization vulnerability in MainWP MainWP UpdraftPlus Extension.This issue affects MainWP UpdraftPlus Extension: from n/a through 4.0.6. | 5.4 | MEDIUM | β | 0 |
| CVE-2023-31080 Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, ... | 8.3 | HIGH | β | 0 |
| CVE-2023-34003 Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.1.51. | 6.5 | MEDIUM | β | 0 |
| CVE-2024-24716 Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.6. | 5.4 | MEDIUM | β | 0 |
| CVE-2024-25092 Missing Authorization vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.17.0. | 8.8 | HIGH | β | 0 |
| CVE-2024-25929 Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX.This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX: from n/a through... | 6.5 | MEDIUM | β | 0 |
| CVE-2024-30464 Missing Authorization vulnerability in WPZOOM Social Icons Widget & Block by WPZOOM.This issue affects Social Icons Widget & Block by WPZOOM: from n/a through 4.2.15. | 5.4 | MEDIUM | β | 0 |
| CVE-2024-30466 Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.4. | 5.4 | MEDIUM | β | 0 |
| CVE-2024-30467 Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg.This issue affects Essential Blocks for Gutenberg: from n/a through 4.4.9. | 6.5 | MEDIUM | β | 0 |
| CVE-2024-30470 Missing Authorization vulnerability in YITH YITH WooCommerce Account Funds Premium.This issue affects YITH WooCommerce Account Funds Premium: from n/a through 1.33.0. | 6.5 | MEDIUM | β | 0 |
| CVE-2024-30485 Missing Authorization vulnerability in XLPlugins Finale Lite.This issue affects Finale Lite: from n/a through 2.18.0. | 8.8 | HIGH | β | 0 |
| CVE-2024-30512 Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.20. | 3.7 | LOW | β | 0 |
| CVE-2024-30515 Missing Authorization vulnerability in Pixelite Events Manager.This issue affects Events Manager: from n/a through 6.4.6.4. | 4.3 | MEDIUM | β | 0 |
| CVE-2024-30517 Missing Authorization vulnerability in Sliced Invoices.This issue affects Sliced Invoices: from n/a through 3.9.2. | 4.3 | MEDIUM | β | 0 |
| CVE-2024-30544 Missing Authorization vulnerability in UPQODE Whizzy.This issue affects Whizzy: from n/a through 1.1.18. | 5.3 | MEDIUM | β | 0 |
| CVE-2024-31243 Missing Authorization vulnerability in Bricksforge.This issue affects Bricksforge: from n/a through 2.0.17. | 7.5 | HIGH | β | 0 |
| CVE-2024-31244 Missing Authorization vulnerability in Bricksforge.This issue affects Bricksforge: from n/a through 2.0.17. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-31267 Missing Authorization vulnerability in WP Desk Flexible Checkout Fields for WooCommerce.This issue affects Flexible Checkout Fields for WooCommerce: from n/a through 4.1.2. | 4.3 | MEDIUM | β | 0 |
| CVE-2024-31273 Missing Authorization vulnerability in JS Help Desk JS Help Desk β Best Help Desk & Support Plugin.This issue affects JS Help Desk β Best Help Desk & Support Plugin: from n/a through 2.8.3. | 5.3 | MEDIUM | β | 0 |
| CVE-2024-31274 Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.9.11. | 5.3 | MEDIUM | β | 0 |
| CVE-2024-32783 Missing Authorization vulnerability in wpcreativeidea Advanced Testimonial Carousel for Elementor.This issue affects Advanced Testimonial Carousel for Elementor: from n/a through 3.0.0. | 4.3 | MEDIUM | β | 0 |
| CVE-2024-33543 Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.06. | 7.5 | HIGH | β | 0 |
| CVE-2024-33545 Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10. | 5.3 | MEDIUM | β | 0 |
| CVE-2024-33547 Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10. | 8.3 | HIGH | β | 0 |
| CVE-2024-33555 Missing Authorization vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.8. | 8.1 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.