9
CVE-2024-51815 - WordPress s2Member plugin <= 241114 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code ('Code Injection') vulnerability in CristiΓ‘n LΓ‘vaque s2Member s2member allows Code Injection.This issue affects s2Member: from n/a through <= 241114.
5.4
CVE-2024-53806 - WordPress Maspik plugin <= 2.2.7 - CSRF to Settings Change vulnerability
Missing Authorization vulnerability in yonifre Maspik β Spam blacklist contact-forms-anti-spam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Maspik β Spam blacklist: from n/a through <= 2.2.7.
4.3
CVE-2024-53809 - WordPress Namaste! LMS plugin <= 2.6.4.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Bob Namaste! LMS namaste-lms allows Cross Site Request Forgery.This issue affects Namaste! LMS: from n/a through <= 2.6.4.1.
8.5
CVE-2024-53807 - WordPress WP Mailster plugin <= 1.8.16.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in brandtoss WP Mailster wp-mailster allows Blind SQL Injection.This issue affects WP Mailster: from n/a through <= 1.8.16.0.
8.5
CVE-2024-53808 - WordPress NEX-Forms plugin <= 8.7.8 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows SQL Injection.This issue affects NEX-Forms: from n/a through <= 8.7.8.
8.5
CVE-2024-53815 - WordPress Pinpoint Booking System plugin <= 2.9.9.5.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in DOTonPAPER Pinpoint Booking System booking-system allows Blind SQL Injection.This issue affects Pinpoint Booking System: from n/a through <= 2.9.9.5.1.
7.6
CVE-2024-53817 - WordPress Acowebs Product Labels For Woocommerce plugin <= 1.5.8 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in acowebs Product Labels For Woocommerce aco-product-labels-for-woocommerce allows Blind SQL Injection.This issue affects Product Labels For Woocommerce: from n/a through <= 1.5.8.
7.5
CVE-2024-53804 - WordPress WP Mailster plugin <= 1.8.16.0 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster wp-mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through <= 1.8.16.0.
6.6
CVE-2024-53811 - WordPress WDesignKit plugin <= 1.0.40 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in POSIMYTH WDesignkit wdesignkit allows Upload a Web Shell to a Web Server.This issue affects WDesignkit: from n/a through <= 1.0.40.
7.5
CVE-2024-53824 - WordPress All Bootstrap Blocks plugin <= 1.3.20 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in all_bootstrap_blocks All Bootstrap Blocks all-bootstrap-blocks allows PHP Local File Inclusion.This issue affects All Bootstrap Blocks: from n/a through <= 1.3.19.