6.5
CVE-2024-53791 - WordPress Lenxel Core plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ogun Labs Lenxel Core for Lenxel(LNX) LMS lenxel-core allows DOM-Based XSS.This issue affects Lenxel Core for Lenxel(LNX) LMS: from n/a through <= 1.3.9.
5.4
CVE-2024-53798 - WordPress FloristPress plugin <= 7.3.0 - Nonce Leakage to Broken Access Control vulnerability
Missing Authorization vulnerability in BAKKBONE Australia FloristPress bakkbone-florist-companion.This issue affects FloristPress: from n/a through <= 7.3.0.
6.5
CVE-2024-53818 - WordPress PostX plugin <= 4.1.15 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post.This issue affects PostX: from n/a through <= 4.1.15.
7.1
CVE-2024-54219 - WordPress AIO Contact plugin <= 2.8.1 - Unauthenticated Site-Wide Cross Site Scripting (XSS) vulnerβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thehp AIO Contact aio-contact.This issue affects AIO Contact: from n/a through <= 2.8.1.
7.1
CVE-2024-54220 - WordPress FAT Services Booking plugin <= 5.6 - Subscriber+ Site-Wide Cross Site Scripting (XSS) vulβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in roninwp FAT Services Booking fat-services-booking allows Stored XSS.This issue affects FAT Services Booking: from n/a through <= 5.6.
6.5
CVE-2024-54247 - WordPress ABCBiz Addons and Templates for Elementor plugin <= 2.0.2 - Stored Cross Site Scripting β¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ABCBiz ABCBiz Addons and Templates for Elementor allows Stored XSS.This issue affects ABCBiz Addons and Templates for Elementor: from n/a through 2.0.2.
6.5
CVE-2024-54253 - WordPress Xpro Addons For Elementor plugin <= 1.4.6.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons.This issue affects Xpro Elementor Addons: from n/a through <= 1.4.6.5.
6.3
CVE-2024-54254 - WordPress Message Filter for Contact Form 7 plugin <= 1.6.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Kofi Mokome Message Filter for Contact Form 7 cf7-message-filter.This issue affects Message Filter for Contact Form 7: from n/a through <= 1.6.3.
5.3
CVE-2024-53819 - WordPress Client Invoicing by Sprout Invoices plugin <= 20.8.0 - Insecure Direct Object References β¦
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.0.
9.3
CVE-2024-54215 - WordPress Revy plugin <= 1.18 - Unauthenticated SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in roninwp Revy revy.This issue affects Revy: from n/a through <= 1.18.