Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2024-35756 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CeiKay Tooltip CK tooltip-ck allows Stored XSS.This issue affects Tooltip CK: from n/a thro... | 5.9 | MEDIUM | — | 0 |
| CVE-2024-5663 The Cards for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Cards widget in all versions up to, and including, 1.1.3 due to insufficient input sanit... | 6.4 | MEDIUM | — | 0 |
| CVE-2012-6580 Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for re... | N/A | NONE | — | 0 |
| CVE-2012-6581 Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, allows remote attackers to bypass intended restrictions on reading keys in the product's keyring, and tri... | N/A | NONE | — | 0 |
| CVE-2024-35755 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in El tiempo Weather Widget Pro allows Stored XSS.This issue affects Weather Widget Pro: from ... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-5613 The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in the 'quality_customizer_notify_dismiss_action' AJAX action in all versions up to, and includin... | 6.1 | MEDIUM | — | 0 |
| CVE-2024-5766 A vulnerability was found in Likeshop up to 2.5.7 and classified as problematic. This issue affects some unknown processing of the file /admin of the component Merchandise Handler. The manipulation le... | 2.4 | LOW | — | 0 |
| CVE-2024-35730 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in realmag777 Active Products Tables for WooCommerce allows Reflected XSS.This issue affects A... | 7.1 | HIGH | — | 0 |
| CVE-2024-35731 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Moose Kenta Gutenberg Blocks Responsive Blocks and block templates library for Gutenberg... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35733 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in RLDD Auto Coupons for WooCommerce allows Reflected XSS.This issue affects Auto Coupons for ... | 7.1 | HIGH | — | 0 |
| CVE-2024-35734 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodePeople WP Time Slots Booking Form allows Stored XSS.This issue affects WP Time Slots Bo... | 7.1 | HIGH | — | 0 |
| CVE-2024-12741 A deserialization of untrusted data vulnerability exists in NI DAQExpress that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially craft... | 7.8 | HIGH | — | 0 |
| CVE-2024-35736 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Visualizer.This issue affects Visualizer: from n/a through 3.11.1. | 8.5 | HIGH | — | 0 |
| CVE-2024-35737 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Loopus WP Visitors Tracker allows Reflected XSS.This issue affects WP Visitors Tracker: fro... | 7.1 | HIGH | — | 0 |
| CVE-2024-35738 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kognetiks Kognetiks Chatbot for WordPress allows Stored XSS.This issue affects Kognetiks Ch... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35740 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Freesia Pixgraphy allows Stored XSS.This issue affects Pixgraphy: from n/a through 1.... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35750 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevart Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gall... | 8.5 | HIGH | — | 0 |
| CVE-2024-35752 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Enea Overclokk Stellissimo Text Box allows Stored XSS.This issue affects Stellissimo Text B... | 5.9 | MEDIUM | — | 0 |
| CVE-2024-36965 In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to the Sys... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-36967 In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2_key_encode() 'scratch' is never freed. Fix this by calling kfree() in the success, and in t... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-36968 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() l2cap_le_flowctl_init() can cause both div-by-zero and an integer ove... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-36969 In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix division by zero in setup_dsc_config When slice_height is 0, the division by slice_height in the calculation ... | 5.5 | MEDIUM | — | 0 |
| CVE-2024-35707 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Heateor Heateor Social Login allows Stored XSS.This issue affects Heateor Social Login... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-32779 Missing Authorization vulnerability in Avirtum Vision Interactive.This issue affects Vision Interactive: from n/a through 1.7.1. | 5.3 | MEDIUM | — | 0 |
| CVE-2024-35708 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in apollo13themes Rife Free allows Stored XSS.This issue affects Rife Free: from n/a through 2... | 6.5 | MEDIUM | — | 0 |
| CVE-2006-1228 Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote attackers to gain privileges by tricking a user to click on a URL that fixes the session identifier. | N/A | NONE | — | 0 |
| CVE-2024-35710 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Podlove Podlove Web Player.This issue affects Podlove Web Player: from n/a through 5.7.3. | 5.3 | MEDIUM | — | 0 |
| CVE-2024-35711 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Freesia Event allows Stored XSS.This issue affects Event: from n/a through 1.2.2. | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35713 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in UAPP GROUP Testimonial Carousel For Elementor allows Stored XSS.This issue affects Testimon... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35714 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Freesia Idyllic allows Stored XSS.This issue affects Idyllic: from n/a through 1.1.8. | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35715 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in peregrinethemes Bloglo, peregrinethemes Blogvi allows Stored XSS.This issue affects Bloglo:... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35718 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tribulant Newsletters allows Reflected XSS.This issue affects Newsletters: from n/a through... | 7.1 | HIGH | — | 0 |
| CVE-2024-35719 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MagniGenie RestroPress allows Stored XSS.This issue affects RestroPress: from n/a through 3... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-37408 fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be authorized by "auth sufficient pam_fprintd.so" for Sudo. NOTE: the supplier disputes this because they... | 7.3 | HIGH | — | 0 |
| CVE-2023-45707 HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary code. This may lead to credentials disclosure and possibly launch add... | 4.4 | MEDIUM | — | 0 |
| CVE-2024-34765 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sensei Sensei Pro (WC Paid Courses) allows Stored XSS.This issue affects Sensei Pro (WC Pai... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35682 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter Blocks PRO.This issue affects Otter Blocks PRO: from n/a through 2.6.11. | 4.3 | MEDIUM | — | 0 |
| CVE-2024-35681 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35687 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yannick Lefebvre Link Library link-library allows Reflected XSS.This issue affects Link Lib... | 7.1 | HIGH | — | 0 |
| CVE-2024-35688 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons ... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35689 Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issue affects Analytify: from n/a through 5.2.3. | 5.4 | MEDIUM | — | 0 |
| CVE-2024-35691 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Marketing Fire, LLC Widget Options - Extended.This issue affects Widget Options - Extended: from n/a through 5.1.0. | 6.5 | MEDIUM | — | 0 |
| CVE-2013-3438 The web framework in the server in Cisco Unified MeetingPlace Web Conferencing allows remote attackers to bypass intended access restrictions and read unspecified web pages via crafted parameters, aka... | N/A | NONE | — | 0 |
| CVE-2024-35695 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.1.3. | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35697 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThimPress Eduma allows Reflected XSS.This issue affects Eduma: from n/a through 5.4.7. | 7.1 | HIGH | — | 0 |
| CVE-2025-6271 A vulnerability, which was classified as problematic, was found in swftools up to 0.9.2. This affects the function wav_convert2mono in the library lib/wav.c of the component wav2swf. The manipulation ... | 3.3 | LOW | — | 0 |
| CVE-2024-35699 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8. | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35701 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PropertyHive allows Stored XSS.This issue affects PropertyHive: from n/a through 2.0.13. | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35702 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons ... | 6.5 | MEDIUM | — | 0 |
| CVE-2024-35703 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SinaExtra Sina Extension for Elementor allows Stored XSS.This issue affects Sina Extension ... | 6.5 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.