Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2024-35719 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MagniGenie RestroPress allows Stored XSS.This issue affects RestroPress: from n/a through 3... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-37408 fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be authorized by "auth sufficient pam_fprintd.so" for Sudo. NOTE: the supplier disputes this because they... | 7.3 | HIGH | — | 0 |
| CVE-2023-45707 HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary code. This may lead to credentials disclosure and possibly launch add... | 4.4 | MEDIUM | — | 0 |
| CVE-2024-34765 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sensei Sensei Pro (WC Paid Courses) allows Stored XSS.This issue affects Sensei Pro (WC Pai... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35681 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35682 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter Blocks PRO.This issue affects Otter Blocks PRO: from n/a through 2.6.11. | 4.3 | MEDIUM | — | 0 |
| CVE-2024-35687 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library link-library allows Reflected XSS.This issue affects Link Lib... | 7.1 | HIGH | — | 0 |
| CVE-2024-35688 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons ... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35689 Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issue affects Analytify: from n/a through 5.2.3. | 5.4 | MEDIUM | — | 0 |
| CVE-2024-35691 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Marketing Fire, LLC Widget Options - Extended.This issue affects Widget Options - Extended: from n/a through 5.1.0. | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35695 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.1.3. | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35697 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThimPress Eduma allows Reflected XSS.This issue affects Eduma: from n/a through 5.4.7. | 7.1 | HIGH | — | 0 |
| CVE-2024-35699 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8. | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35701 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PropertyHive allows Stored XSS.This issue affects PropertyHive: from n/a through 2.0.13. | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35702 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons ... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35703 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SinaExtra Sina Extension for Elementor allows Stored XSS.This issue affects Sina Extension ... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35704 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPBlockArt BlockArt Blocks allows Stored XSS.This issue affects BlockArt Blocks: from n/a t... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35705 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ciprian Popescu Block for Font Awesome allows Stored XSS.This issue affects Block for Font ... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35706 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login allows Cross-Site Scripting (XSS).This issue affects Heat... | 7.1 | HIGH | — | 0 |
| CVE-2024-35657 Cross-Site Request Forgery (CSRF) vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.6. | 5.4 | MEDIUM | — | 0 |
| CVE-2024-21748 Missing Authorization vulnerability in Icegram.This issue affects Icegram: from n/a through 3.1.21. | 4.3 | MEDIUM | — | 0 |
| CVE-2024-4146 In lunary-ai/lunary version v1.2.13, an incorrect authorization vulnerability exists that allows unauthorized users to access and manipulate projects within an organization they should not have access... | 9.8 | CRITICAL | — | 0 |
| CVE-2024-4680 A vulnerability in zenml-io/zenml version 0.56.3 allows attackers to reuse old session credentials or session IDs due to insufficient session expiration. Specifically, the session does not expire afte... | 8.8 | HIGH | — | 0 |
| CVE-2024-5771 A vulnerability classified as critical was found in LabVantage LIMS 2017. This vulnerability affects unknown code of the file /labvantage/rc?command=page&page=SampleList&_iframename=list of the compon... | 6.3 | MEDIUM | — | 0 |
| CVE-2024-5774 A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file index.php of the compone... | 7.3 | HIGH | — | 0 |
| CVE-2024-5775 A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file updatebill.php. The manipulation ... | 6.3 | MEDIUM | — | 0 |
| CVE-2023-51494 Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.1. | 5.3 | MEDIUM | — | 0 |
| CVE-2023-52230 Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.3. | 6.5 | MEDIUM | — | 0 |
| CVE-2023-52232 Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.2. | 6.5 | MEDIUM | — | 0 |
| CVE-2006-1229 SQL injection vulnerability in search.asp in Hosting Controller 6.1 (Hotfix 2.9) allows remote attackers to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this infor... | N/A | NONE | — | 0 |
| CVE-2024-30537 Missing Authorization vulnerability in WPClever WPC Badge Management for WooCommerce.This issue affects WPC Badge Management for WooCommerce: from n/a through 2.4.0. | 4.3 | MEDIUM | — | 0 |
| CVE-2024-30538 Missing Authorization vulnerability in DELUCKS GmbH DELUCKS SEO.This issue affects DELUCKS SEO: from n/a through 2.5.4. | 5.3 | MEDIUM | — | 0 |
| CVE-2024-30539 Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.7. | 5.3 | MEDIUM | — | 0 |
| CVE-2024-31098 Missing Authorization vulnerability in Mr.Ebabi New Order Notification for Woocommerce.This issue affects New Order Notification for Woocommerce: from n/a through 2.0.2. | 8.1 | HIGH | — | 0 |
| CVE-2024-31294 Missing Authorization vulnerability in Fahad Mahmood WP Sort Order.This issue affects WP Sort Order: from n/a through 1.3.1. | 4.3 | MEDIUM | — | 0 |
| CVE-2023-23639 Missing Authorization vulnerability in MainWP MainWP Staging Extension.This issue affects MainWP Staging Extension: from n/a through 4.0.3. | 5.4 | MEDIUM | — | 0 |
| CVE-2025-59588 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PenciDesign Soledad soledad allows PHP Local File Inclusion.This issue affects ... | N/A | NONE | — | 0 |
| CVE-2023-23640 Missing Authorization vulnerability in MainWP MainWP UpdraftPlus Extension.This issue affects MainWP UpdraftPlus Extension: from n/a through 4.0.6. | 5.4 | MEDIUM | — | 0 |
| CVE-2023-31080 Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, ... | 8.3 | HIGH | — | 0 |
| CVE-2023-34003 Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.1.51. | 6.5 | MEDIUM | — | 0 |
| CVE-2024-24716 Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.6. | 5.4 | MEDIUM | — | 0 |
| CVE-2024-25092 Missing Authorization vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.17.0. | 8.8 | HIGH | — | 0 |
| CVE-2024-25929 Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX.This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX: from n/a through... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-30464 Missing Authorization vulnerability in WPZOOM Social Icons Widget & Block by WPZOOM.This issue affects Social Icons Widget & Block by WPZOOM: from n/a through 4.2.15. | 5.4 | MEDIUM | — | 0 |
| CVE-2024-30466 Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.4. | 5.4 | MEDIUM | — | 0 |
| CVE-2024-30467 Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg.This issue affects Essential Blocks for Gutenberg: from n/a through 4.4.9. | 6.5 | MEDIUM | — | 0 |
| CVE-2024-30470 Missing Authorization vulnerability in YITH YITH WooCommerce Account Funds Premium.This issue affects YITH WooCommerce Account Funds Premium: from n/a through 1.33.0. | 6.5 | MEDIUM | — | 0 |
| CVE-2024-30485 Missing Authorization vulnerability in XLPlugins Finale Lite.This issue affects Finale Lite: from n/a through 2.18.0. | 8.8 | HIGH | — | 0 |
| CVE-2024-30512 Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.20. | 3.7 | LOW | — | 0 |
| CVE-2024-30515 Missing Authorization vulnerability in Pixelite Events Manager.This issue affects Events Manager: from n/a through 6.4.6.4. | 4.3 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.