CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2024-51930 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IronFeet Custom URL Shortener custom-url-shorter allows Stored XSS.This issue affects Custom URL S... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-51931 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shazahanul Islam Shohag AzonBox azonbox allows DOM-Based XSS.This issue affects AzonBox: from n/a ... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-51932 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saif Kings Tab Slider kings-tab-slider allows DOM-Based XSS.This issue affects Kings Tab Slider: f... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-51933 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dozyde Cookie Nonsense for YT yt-cookie-nonsense allows DOM-Based XSS.This issue affects Cookie No... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-51934 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uri Lazcano Ekiline Block Collection ekiline-block-collection allows DOM-Based XSS.This issue affe... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-51935 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sam Perrow Fast Video and Image Display fast-video-and-image-display allows DOM-Based XSS.This iss... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-51936 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eSparkBiz ESB Testimonials esb-testimonials allows Stored XSS.This issue affects ESB Testimonials:... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-51937 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bnisia IA Map Analytics Basic ia-map-analytics-basic allows DOM-Based XSS.This issue affects IA Ma... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-51938 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicheaddons Charity Addon for Elementor charity-addon-for-elementor allows DOM-Based XSS.This issu... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-52388 Cross-Site Request Forgery (CSRF) vulnerability in mikeage Hebrew Date hebrewdates allows Stored XSS.This issue affects Hebrew Date: from n/a through <= 2.1.0. | 7.1 | HIGH | — | 0 |
| CVE-2024-52395 Missing Authorization vulnerability in QuantumCloud Floating Buttons for WooCommerce shop-assistant-for-woocommerce-jarvis allows Exploiting Incorrectly Configured Access Control Security Levels.This ... | 5.3 | MEDIUM | — | 0 |
| CVE-2024-52401 Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog DownloadManager hacklog-downloadmanager allows Upload a Web Shell to a Web Server.This issue affects Hacklog DownloadManager: ... | 9.6 | CRITICAL | — | 0 |
| CVE-2024-52402 Cross-Site Request Forgery (CSRF) vulnerability in gunghoinc Exclusive Content Password Protect exclusive-content-password-protect allows Upload a Web Shell to a Web Server.This issue affects Exclusiv... | 9.6 | CRITICAL | — | 0 |
| CVE-2024-52420 Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Disable Admin Notices individually disable-admin-notices allows Cross Site Request Forgery.This issue affects Disable Admin Notices individ... | 4.3 | MEDIUM | — | 0 |
| CVE-2024-52421 Cross-Site Request Forgery (CSRF) vulnerability in wp-buy WP Popup Window Maker easy-popup-lightbox-maker allows Stored XSS.This issue affects WP Popup Window Maker: from n/a through <= 2.0. | 7.1 | HIGH | — | 0 |
| CVE-2024-50430 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Stored XSS.This issue affects Bea... | 5.9 | MEDIUM | — | 0 |
| CVE-2024-30424 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM Beaver Builder Addons by WPZOOM wpzoom-addons-for-beaver-builder allows Stored XSS.This iss... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-51669 Cross-Site Request Forgery (CSRF) vulnerability in Kalmang Dynamic Widgets dynamic-widgets.This issue affects Dynamic Widgets: from n/a through <= 1.6.4. | 4.3 | MEDIUM | — | 0 |
| CVE-2024-52392 Cross-Site Request Forgery (CSRF) vulnerability in w3speedster W3SPEEDSTER w3speedster-wp.This issue affects W3SPEEDSTER: from n/a through <= 7.25. | 6.3 | MEDIUM | — | 0 |
| CVE-2024-52437 Missing Authentication for Critical Function vulnerability in Saul Morales Pacheco Banner System banner-system allows Privilege Escalation.This issue affects Banner System: from n/a through <= 1.0.0. | 8.8 | HIGH | — | 0 |
| CVE-2024-52438 Missing Authentication for Critical Function vulnerability in deco.agency de:branding debranding allows Privilege Escalation.This issue affects de:branding: from n/a through <= 1.0.2. | 8.8 | HIGH | — | 0 |
| CVE-2024-52439 Deserialization of Untrusted Data vulnerability in Mark O'Donnell Team Rosters team-rosters allows Object Injection.This issue affects Team Rosters: from n/a through <= 4.8.2. | 9.8 | CRITICAL | — | 0 |
| CVE-2024-52440 Deserialization of Untrusted Data vulnerability in xpresslane Xpresslane Fast Checkout xpresslane-integration-for-woocommerce allows Object Injection.This issue affects Xpresslane Fast Checkout: from ... | 9.8 | CRITICAL | — | 0 |
| CVE-2024-52441 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Rajesh Thanoch Quick Learn quick-learn allows Object Injection.This issue affects Quick Learn... | 9.8 | CRITICAL | — | 0 |
| CVE-2024-52442 Incorrect Privilege Assignment vulnerability in userplus UserPlus userplus allows Privilege Escalation.This issue affects UserPlus: from n/a through <= 2.0. | 9.8 | CRITICAL | — | 0 |
| CVE-2024-52443 Deserialization of Untrusted Data vulnerability in masikonis Geolocator geolocator allows Object Injection.This issue affects Geolocator: from n/a through <= 1.1. | 9.8 | CRITICAL | — | 0 |
| CVE-2024-52444 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wpopal Opal Woo Custom Product Variation opal-woo-custom-product-variation allows Path Traversal.This is... | 7.5 | HIGH | — | 0 |
| CVE-2024-52445 Deserialization of Untrusted Data vulnerability in ModelTheme QRMenu Restaurant QR Menu Lite qrmenu-lite allows Object Injection.This issue affects QRMenu Restaurant QR Menu Lite: from n/a through <= ... | 8.8 | HIGH | — | 0 |
| CVE-2024-52446 Cross-Site Request Forgery (CSRF) vulnerability in Buying Buddy Buying Buddy IDX CRM buying-buddy-idx-crm allows Object Injection.This issue affects Buying Buddy IDX CRM: from n/a through <= 1.2.8. | 8.8 | HIGH | — | 0 |
| CVE-2024-52447 Path Traversal: '.../...//' vulnerability in corporatezen222 Contact Page With Google Map contact-page-with-google-map allows Path Traversal.This issue affects Contact Page With Google Map: from n/a t... | 8.6 | HIGH | — | 0 |
| CVE-2024-52448 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in webcodingplace Ultimate Classified Listings ultimate-classified-listings allows PHP Local File Inclusion... | 7.5 | HIGH | — | 0 |
| CVE-2024-52450 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in officialprocoders nBlocks nblocks allows PHP Local File Inclusion.This issue af... | 7.5 | HIGH | — | 0 |
| CVE-2024-52451 Cross-Site Request Forgery (CSRF) vulnerability in aaronrobbins Post Ideas post-ideas allows SQL Injection.This issue affects Post Ideas: from n/a through <= 2. | 8.2 | HIGH | — | 0 |
| CVE-2024-52470 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brainvireinfo Dynamic URL SEO dynamic-url-seo allows Reflected XSS.This issue affects Dynamic URL ... | 7.1 | HIGH | — | 0 |
| CVE-2024-52472 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Weather Atlas Weather Atlas Widget weather-atlas allows Reflected XSS.This issue affects Weather A... | 7.1 | HIGH | — | 0 |
| CVE-2024-52473 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sandeep Verma HTML5 Lyrics Karaoke Player html5-lyrics-karaoke-player allows Reflected XSS.This is... | 7.1 | HIGH | — | 0 |
| CVE-2024-11402 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kubiq Block Editor Bootstrap Blocks block-editor-bootstrap-blocks allows Reflected XSS.This issue ... | 7.1 | HIGH | — | 0 |
| CVE-2024-52475 Authentication Bypass Using an Alternate Path or Channel vulnerability in Information Technology Wawp automation-web-platform allows Authentication Bypass.This issue affects Wawp: from n/a through < 3... | 9.8 | CRITICAL | — | 0 |
| CVE-2024-52490 Unrestricted Upload of File with Dangerous Type vulnerability in pathomation Pathomation pathomation allows Upload a Web Shell to a Web Server.This issue affects Pathomation: from n/a through <= 2.5.1... | 10.0 | CRITICAL | — | 0 |
| CVE-2024-52495 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in enituretechnology Distance Based Shipping Calculator distance-based-shipping-calculator allows SQL... | 8.5 | HIGH | — | 0 |
| CVE-2024-52496 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AbsolutePlugins Absolute Addons For Elementor absolute-addons allows Local Code... | 7.5 | HIGH | — | 0 |
| CVE-2024-52497 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in quomodosoft Shopready shopready-elementor-addon allows PHP Local File Inclusion... | 7.5 | HIGH | — | 0 |
| CVE-2024-52498 Path Traversal: '.../...//' vulnerability in softpulseinfotech SP Blog Designer sp-blog-designer allows PHP Local File Inclusion.This issue affects SP Blog Designer: from n/a through <= 1.0.0. | 7.5 | HIGH | — | 0 |
| CVE-2024-52499 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ibrahim Pricing table addon for elementor pricing-table-addon-for-elementor all... | 7.5 | HIGH | — | 0 |
| CVE-2024-52501 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebbyTemplate Office Locator office-locator.This issue affects Office Locator: ... | 7.5 | HIGH | — | 0 |
| CVE-2024-53732 Cross-Site Request Forgery (CSRF) vulnerability in wpwox Footer Flyout Widget footer-flyout-widget allows Stored XSS.This issue affects Footer Flyout Widget: from n/a through <= 1.1. | 7.1 | HIGH | — | 0 |
| CVE-2024-53733 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in harshtohit111 Fence URL fence-url allows Stored XSS.This issue affects Fence URL: from n/a through... | 7.1 | HIGH | — | 0 |
| CVE-2024-53734 Cross-Site Request Forgery (CSRF) vulnerability in Jamie O Idealien Category Enhancements idealien-category-enhancements allows Stored XSS.This issue affects Idealien Category Enhancements: from n/a t... | 7.1 | HIGH | — | 0 |
| CVE-2024-53736 Cross-Site Request Forgery (CSRF) vulnerability in Jason Grim Custom Shortcode Sidebars custom-shortcode-sidebars allows Stored XSS.This issue affects Custom Shortcode Sidebars: from n/a through <= 1.... | 7.1 | HIGH | — | 0 |
| CVE-2024-53737 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandtoss WP Mailster wp-mailster allows Stored XSS.This issue affects WP Mailster: from n/a throu... | 6.5 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.