4.3
CVE-2024-56217 - WordPress Download Manager plugin <= 3.3.03 - Broken Access Control vulnerability
Missing Authorization vulnerability in Shahjada Download Manager download-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Manager: from n/a through <= 3.3.03.
4.3
CVE-2024-56215 - WordPress Member Directory and Contact Form plugin <= 1.7.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in DBAR Productions Member Directory and Contact Form pta-member-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Member Directory and Contact Form: from n/a through <= 1.7.0.
6.5
CVE-2024-56235 - WordPress Coupon plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vicky Kumar Coupon coupon-lite allows DOM-Based XSS.This issue affects Coupon: from n/a through <= 1.2.2.
5.9
CVE-2024-56256 - WordPress Embed PDF Viewer plugin <= 2.3.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andy Fragen Embed PDF Viewer embed-pdf-viewer.This issue affects Embed PDF Viewer: from n/a through <= 2.3.1.
7.1
CVE-2024-56265 - WordPress WooCommerce - PDF Vouchers plugin < 4.9.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpweb WooCommerce PDF Vouchers woocommerce-pdf-vouchers allows Reflected XSS.This issue affects WooCommerce PDF Vouchers: from n/a through < 4.9.9.
4.3
CVE-2024-56218 - WordPress Contact Form 7 - Dynamic Text Extension plugin <= 5.0.1 - Cross Site Request Forgery (CSRโฆ
Cross-Site Request Forgery (CSRF) vulnerability in sevenspark Contact Form 7 โ Dynamic Text Extension contact-form-7-dynamic-text-extension allows Cross Site Request Forgery.This issue affects Contact Form 7 โ Dynamic Text Extension: from n/a through <= 5.0.1.
5.4
CVE-2024-56222 - WordPress CodeBard Help Desk plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in CodeBard CodeBard Help Desk codebard-help-desk allows Cross Site Request Forgery.This issue affects CodeBard Help Desk: from n/a through <= 1.1.1.
4.3
CVE-2024-56229 - WordPress SearchIQ plugin <= 4.6 - Cross-Site Requst Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in SearchIQ SearchIQ searchiq.This issue affects SearchIQ: from n/a through <= 4.6.
7.1
CVE-2024-56232 - WordPress WP Nice Loader plugin <= 0.1.0.4 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Alex Volkov WP Nice Loader wp-nice-loader allows Stored XSS.This issue affects WP Nice Loader: from n/a through <= 0.1.0.4.
9.8
CVE-2024-56220 - WordPress SSL Wireless SMS Notification plugin <= 3.6.0 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in sslplugins SSL Wireless SMS Notification ssl-wireless-sms-notification allows Privilege Escalation.This issue affects SSL Wireless SMS Notification: from n/a through <= 3.6.0.