7.1
CVE-2024-56034 - WordPress Services updates for customers plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulneβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Irshad A.Khan Services updates for customers service-updates-for-customers allows Reflected XSS.This issue affects Services updates for customers: from n/a through <= 1.0.
7.1
CVE-2024-56035 - WordPress Upload Scanner plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kurt Payne Upload Scanner upload-scanner allows Reflected XSS.This issue affects Upload Scanner: from n/a through <= 1.2.
7.1
CVE-2024-56036 - WordPress odPhotogallery plugin <= 0.5.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ondrej Donek odPhotogallery od-photogallery-plugin allows Reflected XSS.This issue affects odPhotogallery: from n/a through <= 0.5.3.
7.1
CVE-2024-56037 - WordPress User Referral plugin <= 8.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftClever Limited User Referral user-referral-free allows Reflected XSS.This issue affects User Referral: from n/a through <= 8.0.
7.1
CVE-2024-56038 - WordPress SendSMS Plugin <= 1.2.9 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catalinsendsms SendSMS sendsms allows Reflected XSS.This issue affects SendSMS: from n/a through <= 1.2.9.
7.1
CVE-2024-56060 - WordPress HTML Forms plugin <= 1.4.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Software LLC HTML Forms html-forms allows Reflected XSS.This issue affects HTML Forms: from n/a through <= 1.4.1.
7.1
CVE-2024-56069 - WordPress WP SuperBackup plugin <= 2.3.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Reflected XSS.This issue affects WP SuperBackup: from n/a through <= 2.3.3.
7.2
CVE-2024-13062 -
An unintended entry point vulnerability has been identified in certain router models, which may allow for arbitrary command execution. Refer to the 'Β 01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information.
7.2
CVE-2024-12912 -
An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. Refer to the '01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information.
5.3
CVE-2024-13093 - code-projects Job Recruitment Seeker Profile _call_main_search_ajax.php sql injection
A vulnerability, which was classified as critical, has been found in code-projects Job Recruitment 1.0. This issue affects some unknown processing of the file /_parse/_call_main_search_ajax.php of the component Seeker Profile Handler. The manipulation of the argument s1 leads to sql injection. The β¦