6.5
CVE-2024-33630 - WordPress Piotnet Addons For Elementor plugin <= 2.4.26 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through 2.4.26.
6.5
CVE-2024-33631 - WordPress Piotnet Addons For Elementor Pro plugin <= 7.1.17 - Authenticated Stored Cross Site Scripβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor Pro allows Stored XSS.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17.
7.1
CVE-2024-33633 - WordPress Piotnet Addons For Elementor Pro plugin <= 7.1.17 - Reflected Cross Site Scripting (XSS) β¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor Pro allows Reflected XSS.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17.
6.5
CVE-2024-33640 - WordPress Pretty Google Calendar plugin <= 1.7.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LBell Pretty Google Calendar allows Stored XSS.This issue affects Pretty Google Calendar: from n/a through 1.7.2.
5.9
CVE-2024-33643 - WordPress Advanced Most Recent Posts Mod plugin <= 1.6.5.2 - Cross Site Scripting (XSS) vulnerabiliβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kailey Lampert Advanced Most Recent Posts Mod allows Stored XSS.This issue affects Advanced Most Recent Posts Mod: from n/a through 1.6.5.2.
7.1
CVE-2024-33645 - WordPress Easy Set Favicon plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eftakhairul Islam & Sirajus Salayhin Easy Set Favicon allows Reflected XSS.This issue affects Easy Set Favicon: from n/a through 1.1.
7.1
CVE-2024-33646 - WordPress Sticky Anything plugin <= 2.1.5 - Broken Access Control to XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Sticky Anything allows Cross-Site Scripting (XSS).This issue affects Sticky Anything: from n/a through 2.1.5.
6.5
CVE-2024-33648 - WordPress Recencio Book Reviews plugin <= 1.66.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kemory Grubb Recencio Book Reviews recencio-book-reviews allows DOM-Based XSS.This issue affects Recencio Book Reviews: from n/a through <= 1.66.0.
6.5
CVE-2024-33649 - WordPress Opal Widgets For Elementor plugin <= 1.6.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WpOpal Opal Widgets For Elementor allows Stored XSS.This issue affects Opal Widgets For Elementor: from n/a through 1.6.9.
8.8
CVE-2024-4301 - N-Reporter and N-Cloud from N-Partner - Os Command Injection
N-Reporter and N-Cloud, products of the N-Partner, have an OS Command Injection vulnerability. Remote attackers with normal user privilege can execute arbitrary system commands by manipulating user inputs on a specific page.