Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2024-44003 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spicethemes Spice Starter Sites spice-starter-sites allows Reflected XSS.This issue affects Spice ... | 7.1 | HIGH | — | 0 |
| CVE-2024-44005 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsoul Greenshift greenshift-animation-and-page-builder-blocks allows Stored XSS.This issue affect... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-43989 Server-Side Request Forgery (SSRF) vulnerability in Firsh Justified Image Grid justified-image-grid.This issue affects Justified Image Grid: from n/a through <= 4.6.1. | 7.5 | HIGH | — | 0 |
| CVE-2024-44048 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpWax Product Carousel Slider & Grid Ultimate for WooCommerce woo-product-carou... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-45453 Authentication Bypass by Spoofing vulnerability in Peter Hardy-vanDoorn Maintenance Redirect jf3-maintenance-mode.This issue affects Maintenance Redirect: from n/a through <= 2.0.1. | 3.7 | LOW | — | 0 |
| CVE-2024-47303 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in livemesh Livemesh Addons for Elementor addons-for-elementor allows Cross-Site Scripting (XSS).This... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-43237 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Steve Burge WordPress Tag Cloud Plugin – Tag Groups tag-groups.This issue affects WordPress Tag Cloud Plugin – Tag Groups: f... | 5.3 | MEDIUM | — | 0 |
| CVE-2024-43959 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Testimonials super-testimonial allows Reflected XSS.This issue affects Testimonials: f... | 7.1 | HIGH | — | 0 |
| CVE-2024-47305 Cross-Site Request Forgery (CSRF) vulnerability in Dnesscarkey Use Any Font use-any-font allows Cross Site Request Forgery.This issue affects Use Any Font: from n/a through <= 6.3.08. | 4.3 | MEDIUM | — | 0 |
| CVE-2024-47315 Cross-Site Request Forgery (CSRF) vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a through <= 3.15.1. | 5.4 | MEDIUM | — | 0 |
| CVE-2024-47337 Missing Authorization vulnerability in Phillip Dane Joy Of Text Lite joy-of-text.This issue affects Joy Of Text Lite: from n/a through <= 2.3.1. | 4.3 | MEDIUM | — | 0 |
| CVE-2024-47641 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Muhammad Shakeel Confetti Fall Animation confetti-fall-animation allows Stored XSS.This issue affe... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-47396 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in moveaddons Move Addons for Elementor move-addons allows Stored XSS.This issue affects Move Addons ... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-44017 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MinHyeong Lim MH Board mh-board allows PHP Local File Inclusion.This issue affects MH Board: from n/a th... | 7.5 | HIGH | — | 0 |
| CVE-2024-44030 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mestres do WP Checkout Mestres WP checkout-mestres-wp allows Absolute Path Traversal.This issue affects ... | 7.2 | HIGH | — | 0 |
| CVE-2024-44011 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ExpressTech Systems WP Ticket Ultra Help Desk & Support Plugin wp-ticket-ultra allows PHP Local File Inc... | 7.5 | HIGH | — | 0 |
| CVE-2024-44012 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wpdev33 WP Newsletter Subscription wp-newsletter-subscription allows PHP Local File Inclusion.This issue... | 7.5 | HIGH | — | 0 |
| CVE-2024-44013 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Innate Images LLC VR Calendar vr-calendar-sync allows PHP Local File Inclusion.This issue affects VR Cal... | 7.5 | HIGH | — | 0 |
| CVE-2024-44014 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Vmax Studio Vmax Project Manager vmax-project-manager allows PHP Local File Inclusion.This issue affects... | 9.6 | CRITICAL | — | 0 |
| CVE-2024-44015 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in istmoplugins Users Control users-control allows PHP Local File Inclusion.This issue affects Users Contro... | 7.5 | HIGH | — | 0 |
| CVE-2024-44016 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in amarksteadman Podiant podiant allows PHP Local File Inclusion.This issue affects Podiant: from n/a throu... | 7.5 | HIGH | — | 0 |
| CVE-2024-9146 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in jamesdlow CSS JS Files css-js-files allows Path Traversal.This issue affects CSS JS Files: from n/a thro... | 4.9 | MEDIUM | — | 0 |
| CVE-2024-44018 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in istmoplugins Instant Chat Floating Button for WordPress Websites instant-chat-wp allows PHP Local File I... | 7.5 | HIGH | — | 0 |
| CVE-2024-44023 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in abcapp ABCApp Creator abcapp-creator.This issue affects ABCApp Creator: from n/... | 8.1 | HIGH | — | 0 |
| CVE-2024-44034 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Martin Greenwood WPSPX wpspx allows PHP Local File Inclusion.This issue affects WPSPX: from n/a through ... | 7.5 | HIGH | — | 0 |
| CVE-2024-47309 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Condless Cities Shipping Zones for WooCommerce cities-shipping-zones-for-woocommerce allows PHP Local Fi... | 6.6 | MEDIUM | — | 0 |
| CVE-2024-47316 Authorization Bypass Through User-Controlled Key vulnerability in Dimitri Grassi Salon booking system salon-booking-system.This issue affects Salon booking system: from n/a through <= 10.9. | 4.3 | MEDIUM | — | 0 |
| CVE-2024-47319 Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form bit-form.This issue affects Bit Form: from n/a through <= 2.13.10. | 8.0 | HIGH | — | 0 |
| CVE-2024-47323 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines.Th... | 8.1 | HIGH | — | 0 |
| CVE-2024-47324 Path Traversal: '.../...//' vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines.This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from... | 7.5 | HIGH | — | 0 |
| CVE-2024-47631 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Logo Carousel – Clients logo carousel for WP responsive-client-logo-carousel-slider allow... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-47632 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Detheme DethemeKit For Elementor dethemekit-for-elementor allows Stored XSS.This issue affects Det... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-47633 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zoho Forms Zoho Forms zoho-forms allows Stored XSS.This issue affects Zoho Forms: from n/a through... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-47635 Cross-Site Request Forgery (CSRF) vulnerability in TinyPNG TinyPNG tiny-compress-images allows Cross Site Request Forgery.This issue affects TinyPNG: from n/a through <= 3.4.3. | 5.4 | MEDIUM | — | 0 |
| CVE-2024-47638 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allow... | 7.1 | HIGH | — | 0 |
| CVE-2024-47639 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vibhav Sinha VdoCipher vdocipher allows Stored XSS.This issue affects VdoCipher: from n/a through ... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-47642 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Keap Keap Official Opt-in Forms infusionsoft-official-opt-in-forms allows Stored XSS.This issue af... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-47643 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Include Fussball.de Widgets include-fussball-de-widgets allows Stored XSS.This issue affects ... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-47644 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Copyscape Copyscape Premium copyscape-premium allows Stored XSS.This issue affects Copyscape Premi... | 7.1 | HIGH | — | 0 |
| CVE-2024-47646 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in tomlister Payflex Payment Gateway payflex-payment-gateway.This issue affects Payflex Payment Gateway: from n/a through <= 2.6.1. | 4.7 | MEDIUM | — | 0 |
| CVE-2024-47647 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Essekia Helpie FAQ helpie-faq allows Stored XSS.This issue affects Helpie FAQ: from n/a through <=... | 5.9 | MEDIUM | — | 0 |
| CVE-2024-47625 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themelooks Enter Addons enteraddons allows Stored XSS.This issue affects Enter Addons: from n/a th... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-47626 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rometheme RTMKit rometheme-for-elementor allows Stored XSS.This issue affects RTMKit: from n/a thr... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-47627 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Travel WP Travel Gutenberg Blocks wp-travel-blocks allows Stored XSS.This issue affects WP Trav... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-47628 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LA-Studio LA-Studio Element Kit for Elementor lastudio-element-kit allows Stored XSS.This issue af... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-47629 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bdthemes Ultimate Store Kit Elementor Addons ultimate-store-kit allows Stored XSS.This issue affec... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-47630 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Sto... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-47378 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lomu WPCOM Member wpcom-member allows Reflected XSS.This issue affects WPCOM Member: from n/a thro... | 7.1 | HIGH | — | 0 |
| CVE-2024-47379 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shamalli Web Directory Free web-directory-free allows Reflected XSS.This issue affects Web Directo... | 7.1 | HIGH | — | 0 |
| CVE-2024-47380 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for eBay wp-lister-for-ebay allows Reflected XSS.This issue affects WP-Liste... | 7.1 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.