8.8
CVE-2024-11017 - Grand Vice info Webopac - Arbitrary File Upload
Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells, which could lead to arbitrary code execution on the server.
9.8
CVE-2024-11016 - Grand Vice info Webopac - SQL Injection
Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents.
5.4
CVE-2024-52350 - WordPress CRM 2go plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nrmendez CRM 2go crm2go allows DOM-Based XSS.This issue affects CRM 2go: from n/a through <= 1.0.
5.4
CVE-2024-52351 - WordPress BU Slideshow plugin <= 2.3.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BU Web Team BU Slideshow bu-slideshow allows Stored XSS.This issue affects BU Slideshow: from n/a through <= 2.3.10.
5.4
CVE-2024-52352 - WordPress Postcasa Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in miloandrew Postcasa Shortcode postcasa allows DOM-Based XSS.This issue affects Postcasa Shortcode: from n/a through <= 1.0.
5.4
CVE-2024-52353 - WordPress Christian Science Bible Lesson Subjects plugin <= 2.0 - Cross Site Scripting (XSS) vulnerβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gabriel Serafini Christian Science Bible Lesson Subjects christian-science-bible-lesson-subjects allows DOM-Based XSS.This issue affects Christian Science Bible Lesson Subjects: from n/a through <=β¦
5.4
CVE-2024-52354 - WordPress Web Stories Widgets For Elementor plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cool Plugins Web Stories Widgets For Elementor shortcodes-for-amp-web-stories-and-elementor-widget allows Stored XSS.This issue affects Web Stories Widgets For Elementor: from n/a through <= 1.1.
5.4
CVE-2024-52355 - WordPress OSM β OpenStreetMap plugin <= 6.1.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MiKa OSM osm.This issue affects OSM: from n/a through <= 6.1.2.
5.4
CVE-2024-52356 - WordPress The Pack Elementor addons plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webangon The Pack Elementor addons the-pack-addon allows Stored XSS.This issue affects The Pack Elementor addons: from n/a through <= 2.1.0.
5.4
CVE-2024-52357 - WordPress LIQUID BLOCKS plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lqd LIQUID BLOCKS liquid-blocks allows Stored XSS.This issue affects LIQUID BLOCKS: from n/a through <= 1.2.0.