0.0
CVE-2024-52410 - WordPress Referrer Detector plugin <= 4.2.1.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Phoenixheart Referrer Detector referrer-detector allows Object Injection.This issue affects Referrer Detector: from n/a through <= 4.2.1.0.
0.0
CVE-2024-52411 - WordPress Advanced Personalization plugin <= 1.1.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in flowcraft Advanced Personalization personalization-by-flowcraft allows Object Injection.This issue affects Advanced Personalization: from n/a through <= 1.1.2.
9.8
CVE-2024-52412 - WordPress Xin theme <= 1.0.8.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Stephen Cui Xin allows Object Injection.This issue affects Xin: from n/a through 1.0.8.1.
0.0
CVE-2024-52413 - WordPress Airin Blog theme <= 1.6.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in dmcwebzone Airin Blog airin-blog allows Object Injection.This issue affects Airin Blog: from n/a through <= 1.6.1.
0.0
CVE-2024-52414 - WordPress WDES Responsive Mobile Menu plugin <= 5.3.18 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu wdes-responsive-mobile-menu allows Object Injection.This issue affects WDES Responsive Mobile Menu: from n/a through <= 5.3.18.
0.0
CVE-2024-52386 - WordPress Classified Listing plugin <= 3.1.16 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Classified Listing classified-listing allows PHP Local File Inclusion.This issue affects Classified Listing: from n/a through <= 3.1.16.
0.0
CVE-2024-52415 - WordPress SK WP Settings Backup plugin <= 1.0 - CSRF to PHP Object Injection vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in skipstorm SK WP Settings Backup sk-wp-settings-backup allows Object Injection.This issue affects SK WP Settings Backup: from n/a through <= 1.0.
0.0
CVE-2024-52416 - WordPress Debug Tool plugin <= 2.2 - Remote Code Execution vulnerability
Missing Authorization vulnerability in Eugen Bobrowski Debug Tool debug-tool allows Upload a Web Shell to a Web Server.This issue affects Debug Tool: from n/a through <= 2.2.
5.3
CVE-2024-11094 - 404 Solution <= 2.35.17 - Missing Authentication to Sensitive Information Exposure
The 404 Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.35.17 via the export feature. This makes it possible for unauthenticated attackers to extract data such as redirects including GET parameters which may reveal sensitive infoβ¦
6.4
CVE-2024-10592 - Mapster WP Maps <= 1.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Mapster WP Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the popup class parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acceβ¦