6.5
CVE-2024-56242 - WordPress Arconix Shortcodes plugin <= 2.1.14 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tychesoftwares Arconix Shortcodes arconix-shortcodes allows Stored XSS.This issue affects Arconix Shortcodes: from n/a through <= 2.1.14.
6.5
CVE-2024-56241 - WordPress WPKoi Templates for Elementor plugin <= 3.1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpkoithemes WPKoi Templates for Elementor wpkoi-templates-for-elementor allows Stored XSS.This issue affects WPKoi Templates for Elementor: from n/a through <= 3.1.3.
6.5
CVE-2024-56240 - WordPress Pronamic Google Maps plugin <= 2.3.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pronamic Pronamic Google Maps pronamic-google-maps allows Stored XSS.This issue affects Pronamic Google Maps: from n/a through <= 2.3.2.
6.5
CVE-2024-56239 - WordPress Themify Audio Dock plugin <= 2.0.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Audio Dock themify-audio-dock allows Stored XSS.This issue affects Themify Audio Dock: from n/a through <= 2.0.4.
5.3
CVE-2024-56238 - WordPress Floating Action Buttons plugin <= 0.9.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in QuantumCloud Floating Action Buttons floating-action-buttons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Floating Action Buttons: from n/a through <= 0.9.1.
5.9
CVE-2024-56237 - WordPress Contest Gallery plugin <= 24.0.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Stored XSS.This issue affects Contest Gallery: from n/a through <= 24.0.3.
4.3
CVE-2024-56236 - WordPress Hestia Nginx Cache plugin <= 2.4.0 - Cross Site Request Forgery (CSRF) vulnerability
Missing Authorization vulnerability in Juniper Hestia Nginx Cache hestia-nginx-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hestia Nginx Cache: from n/a through <= 2.4.0.
7.1
CVE-2024-56026 - WordPress Simple Proxy plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Greg – SiteOrigin Simple Proxy simple-proxy allows Reflected XSS.This issue affects Simple Proxy: from n/a through <= 1.0.
7.1
CVE-2024-56025 - WordPress AdWork Media EZ Content Locker plugin <= 3.0 - Reflected Cross Site Scripting (XSS) vulneβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in adworkmedia AdWork Media EZ Content Locker adwork-media-ez-content-locker allows Reflected XSS.This issue affects AdWork Media EZ Content Locker: from n/a through <= 3.0.
7.1
CVE-2024-56024 - WordPress Custom Dashboard Widget plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerabilβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DuoGeek Custom Dashboard Widget create-custom-dashboard-widget allows Reflected XSS.This issue affects Custom Dashboard Widget: from n/a through <= 1.0.0.