6.5
CVE-2024-56231 - WordPress SaasPricing plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Debuggers Studio SaasPricing saaspricing allows DOM-Based XSS.This issue affects SaasPricing: from n/a through <= 1.2.4.
7.1
CVE-2024-56233 - WordPress Kintpv Wooconnect plugin <= 8.129 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kinhelios KinTPV WooConnect kintpv-connect allows Stored XSS.This issue affects KinTPV WooConnect: from n/a through <= 8.129.
5.4
CVE-2024-56234 - WordPress VW Automobile Lite theme <= 2.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in vowelweb VW Automobile Lite vw-automobile-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Automobile Lite: from n/a through <= 2.1.
4.3
CVE-2024-56227 - WordPress Royal Elementor Addons plugin <= 1.7.1001 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royal Elementor Addons: from n/a through <= 1.7.1001.
5.4
CVE-2024-56225 - WordPress Premium Addons for Elementor plugin <= 4.10.56 - Broken Access Control vulnerability
Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Premium Addons for Elementor: from n/a through <= 4.10.56.
4.3
CVE-2024-56219 - WordPress Widget Options plugin <= 4.0.6.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Marketing Fire Widget Options widget-options allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Widget Options: from n/a through <= 4.0.6.1.
4.3
CVE-2024-56217 - WordPress Download Manager plugin <= 3.3.03 - Broken Access Control vulnerability
Missing Authorization vulnerability in Shahjada Download Manager download-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Manager: from n/a through <= 3.3.03.
4.3
CVE-2024-56215 - WordPress Member Directory and Contact Form plugin <= 1.7.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in DBAR Productions Member Directory and Contact Form pta-member-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Member Directory and Contact Form: from n/a through <= 1.7.0.
6.5
CVE-2024-56235 - WordPress Coupon plugin <= 1.2.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vicky Kumar Coupon coupon-lite allows DOM-Based XSS.This issue affects Coupon: from n/a through <= 1.2.2.
5.9
CVE-2024-56256 - WordPress Embed PDF Viewer plugin <= 2.3.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andy Fragen Embed PDF Viewer embed-pdf-viewer.This issue affects Embed PDF Viewer: from n/a through <= 2.3.1.