4.6
CVE-2024-45477 - Apache NiFi: Improper Neutralization of Input in Parameter Description
Apache NiFi 1.10.0 through 1.27.0 and 2.0.0-M1 through 2.0.0-M3 support a description field for Parameters in a Parameter Context configuration that is vulnerable to cross-site scripting. An authenticated user, authorized to configure a Parameter Context, can enter arbitrary JavaScript code, which β¦
6.1
CVE-2024-49642 - WordPress Todo Custom Field plugin <= 3.0.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rafasashi Todo Custom Field todo-custom-field allows Reflected XSS.This issue affects Todo Custom Field: from n/a through <= 3.0.4.
4.8
CVE-2024-50411 - WordPress WP Abstracts plugin <= 2.7.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kevon Adonis WP Abstracts wp-abstracts-manuscripts-manager allows Stored XSS.This issue affects WP Abstracts: from n/a through <= 2.7.1.
0.0
CVE-2024-50412 - WordPress Conditional Fields for Contact Form 7 plugin <= 2.4.15 - Cross Site Scripting (XSS) vulnβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jules Colle Conditional Fields for Contact Form 7 cf7-conditional-fields allows Stored XSS.This issue affects Conditional Fields for Contact Form 7: from n/a through <= 2.4.15.
0.0
CVE-2024-50413 - WordPress Import and export users and customers plugin <= 1.27.5 - Cross Site Scripting (XSS) vulneβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta allows Stored XSS.This issue affects Import and export users and customers: from n/a through <= 1.27.5.
0.0
CVE-2024-50414 - WordPress Button contact VR plugin <= 4.7.9.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Buttonizer Button contact VR button-contact-vr allows Stored XSS.This issue affects Button contact VR: from n/a through <= 4.7.9.1.
0.0
CVE-2024-50415 - WordPress Ads.txt & App-ads.txt Manager for WordPress plugin <= 1.1.7.1 - Stored Cross Site Scriptiβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pagup Ads.txt & App-ads.txt Manager for WordPress app-ads-txt allows Stored XSS.This issue affects Ads.txt & App-ads.txt Manager for WordPress: from n/a through <= 1.1.7.1.
0.0
CVE-2024-50418 - WordPress Time Slot plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Time Slot Booking Time Slot timeslot allows DOM-Based XSS.This issue affects Time Slot: from n/a through <= 1.3.6.
4.8
CVE-2024-50426 - WordPress Survey Maker plugin <= 5.0.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Survey Maker survey-maker allows Stored XSS.This issue affects Survey Maker: from n/a through <= 5.0.2.
0.0
CVE-2024-50475 - WordPress Signup Page plugin <= 1.0 - Arbitrary Option Update to Privilege Escalation vulnerability
Missing Authorization vulnerability in Scott Gamon Signup Page signup-page allows Privilege Escalation.This issue affects Signup Page: from n/a through <= 1.0.