4.8

CVSS3.1

CVE-2024-3261 - Strong Testimonials < 3.1.12 - Contributor+ Stored XSS

The Strong Testimonials WordPress plugin before 3.1.12 does not validate and escape some of its Testimonial fields before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. The attack requires a specific v…

📅 Published: April 24, 2024, 5 a.m. 🔄 Last Modified: May 8, 2025, 7:12 p.m.

3.8

CVSS3.1

CVE-2024-2972 - Floating Chat Widget < 3.1.9 - Editor+ Stored XSS

The Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button WordPress plugin before 3.1.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attack…

📅 Published: April 24, 2024, 5 a.m. 🔄 Last Modified: May 8, 2025, 7:11 p.m.

5.4

CVSS3.1

CVE-2024-2404 - Better Comments < 1.5.6 - Subscriber+ Stored XSS

The Better Comments WordPress plugin before 1.5.6 does not sanitise and escape some of its settings, which could allow low privilege users such as Subscribers to perform Stored Cross-Site Scripting attacks.

📅 Published: April 24, 2024, 5 a.m. 🔄 Last Modified: Nov. 21, 2024, 9:09 a.m.

5.4

CVSS3.1

CVE-2024-2402 - Better Comments < 1.5.6 - Admin+ Stored XSS

The Better Comments WordPress plugin before 1.5.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

📅 Published: April 24, 2024, 5 a.m. 🔄 Last Modified: May 8, 2025, 7:11 p.m.

6.5

CVSS3.1

CVE-2024-1756 - WooCommerce Customers Manager < 29.8 - Subscriber+ Email Disclosure

The WooCommerce Customers Manager WordPress plugin before 29.8 does not have authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber, to call it and retrieve the list of customer email addresses along with their id, first name and last name

📅 Published: April 24, 2024, 5 a.m. 🔄 Last Modified: May 7, 2025, 6 p.m.

5.9

CVSS3.1

CVE-2024-1743 - WooCommerce Customers Manager < 29.8 - Reflected XSS

The WooCommerce Customers Manager WordPress plugin before 29.8 does not sanitise and escape various parameters before outputting them back in pages and attributes, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

📅 Published: April 24, 2024, 5 a.m. 🔄 Last Modified: May 7, 2025, 6 p.m.

6.1

CVSS3.1

CVE-2023-7253 - Import WP < 2.13.1 - Admin+ Server-side Request Forgery

The Import WP WordPress plugin before 2.13.1 does not prevent users with the administrator role from conducting SSRF attacks, which may be a problem in multisite configurations.

📅 Published: April 24, 2024, 5 a.m. 🔄 Last Modified: May 8, 2025, 7:10 p.m.

6.3

CVSS3.1

CVE-2024-4093 - SourceCodester Simple Subscription Website view_application.php sql injection

A vulnerability, which was classified as critical, was found in SourceCodester Simple Subscription Website 1.0. Affected is an unknown function of the file view_application.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has…

📅 Published: April 24, 2024, 1 a.m. 🔄 Last Modified: Feb. 11, 2025, 3:33 p.m.

0.0

CVE-2024-4108 -

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

📅 Published: April 24, 2024, 12:30 a.m. 🔄 Last Modified: Feb. 11, 2025, 2:15 a.m.

9.8

CVSS3.1

CVE-2024-28613 -

SQL Injection vulnerability in PHP Task Management System v.1.0 allows a remote attacker to escalate privileges and obtain sensitive information via the task_id parameter of the task-details.php, and edit-task.php component.

📅 Published: April 24, 2024, midnight 🔄 Last Modified: March 27, 2025, 9:15 p.m.