6.4
CVE-2024-3645 - Essential Addons for Elementor Pro <= 5.8.11 - Authenticated (Contributor+) Stored Cross-Site Scripβ¦
The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Counter widget in all versions up to, and including, 5.8.11 due to insufficient input sanitization and output escaping on user supplied attributes such as 'title_html_tag'. Thisβ¦
4.6
CVE-2024-4026 - Cross-Site Scripting in the Holded application
Cross-Site Scripting (XSS) vulnerability in the Holded application. This vulnerability could allow an attacker to store a JavaScript payload within all editable parameters within the 'General' and 'Team ID' functionalities, which could result in a session takeover.
4.3
CVE-2024-32681 - WordPress Prime Slider plugin <= 3.13.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in BdThemes Prime Slider β Addons For Elementor.This issue affects Prime Slider β Addons For Elementor: from n/a through 3.13.2.
7.1
CVE-2024-32682 - WordPress Prime Slider plugin <= 3.13.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in BdThemes Prime Slider β Addons For Elementor.This issue affects Prime Slider β Addons For Elementor: from n/a through 3.13.2.
5.3
CVE-2024-32684 - WordPress WP Ultimate Review plugin <= 2.2.5 - Broken Access Control on Review vulnerability
Missing Authorization vulnerability in Wpmet Wp Ultimate Review.This issue affects Wp Ultimate Review: from n/a through 2.2.5.
4.3
CVE-2024-32687 - WordPress WPC Frequently Bought Together for WooCommerce plugin <= 7.0.3 - Broken Access Control vuβ¦
Missing Authorization vulnerability in WPClever WPC Frequently Bought Together for WooCommerce.This issue affects WPC Frequently Bought Together for WooCommerce: from n/a through 7.0.3.
6.5
CVE-2024-32688 - WordPress MyRewards plugin <= 5.3.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Long Watch Studio MyRewards.This issue affects MyRewards: from n/a through 5.3.0.
5.3
CVE-2024-32691 - WordPress Active Products Tables for WooCommerce plugin <= 1.0.6.2 - Broken Access Control vulnerabβ¦
Missing Authorization vulnerability in realmag777 Active Products Tables for WooCommerce.This issue affects Active Products Tables for WooCommerce: from n/a through 1.0.6.2.
7.6
CVE-2024-32693 - WordPress Automatic plugin < 3.93.0 - Multiple Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in ValvePress Automatic.This issue affects Automatic: from n/a before 3.93.0.
6.5
CVE-2024-32698 - WordPress Happy Addons for Elementor plugin <= 3.10.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons.This issue affects Happy Addons for Elementor: from n/a through <= 3.10.4.