6.5
CVE-2024-31348 - WordPress Super Testimonials plugin <= 3.0.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Testimonials allows Stored XSS.This issue affects Testimonials: from n/a through 3.0.5.
6.5
CVE-2024-31349 - WordPress MailMunch β Grow your Email List plugin <= 3.1.6 - Cross Site Scripting (XSS) vulnerabiliβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch MailMunch β Grow your Email List allows Stored XSS.This issue affects MailMunch β Grow your Email List: from n/a through 3.1.6.
8.8
CVE-2024-31280 - WordPress Church Admin plugin <= 4.1.5 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.5.
3.5
CVE-2024-3428 - SourceCodester Online Courseware edit.php cross site scripting
A vulnerability has been found in SourceCodester Online Courseware 1.0 and classified as problematic. This vulnerability affects unknown code of the file edit.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosedβ¦
9.9
CVE-2024-31286 - WordPress WP Photo Album Plus plugin < 8.6.03.005 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a before 8.6.03.005.
7.2
CVE-2024-31292 - WordPress Import XML and RSS Feeds plugin <= 2.1.5 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Moove Agency Import XML and RSS Feeds.This issue affects Import XML and RSS Feeds: from n/a through 2.1.5.
9.1
CVE-2024-31345 - WordPress Auto Poster plugin <= 1.2 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Sukhchain Singh Auto Poster.This issue affects Auto Poster: from n/a through 1.2.
8.7
CVE-2024-31277 - WordPress Product Designer plugin <= 1.0.32 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in PickPlugins Product Designer.This issue affects Product Designer: from n/a through 1.0.32.
4.4
CVE-2024-31308 - WordPress WP Import Export Lite & WP Import Export plugin <= 3.9.26 - PHP Object Injection vulnerabβ¦
Deserialization of Untrusted Data vulnerability in VJInfotech WP Import Export Lite.This issue affects WP Import Export Lite: from n/a through 3.9.26.
7.2
CVE-2024-31288 - WordPress RapidLoad plugin <= 2.2.11 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery (SSRF) vulnerability in RapidLoad RapidLoad Power-Up for Autoptimize.This issue affects RapidLoad Power-Up for Autoptimize: from n/a through 2.2.11.