0.0
CVE-2024-49681 - WordPress WP Sessions Time Monitoring Full Automatic plugin <= 1.0.9 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in activity-log.com WP Sessions Time Monitoring Full Automatic activitytime allows SQL Injection.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through <= 1.0.9.
0.0
CVE-2024-49691 - WordPress Product Filter by WBW plugin <= 2.7.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW Plugins Product Filter by WBW woo-product-filter allows SQL Injection.This issue affects Product Filter by WBW: from n/a through <= 2.7.0.
8.3
CVE-2024-5608 - SQL Injection
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in the technician reports feature.
0.0
CVE-2024-49683 - WordPress Schema & Structured Data for WP & AMP plugin <= 1.3.5 - Sensitive Data Exposure vulnerabiโฆ
Missing Authorization vulnerability in Magazine3 Schema & Structured Data for WP & AMP schema-and-structured-data-for-wp allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Schema & Structured Data for WP & AMP: from n/a through <= 1.3.5.
6.1
CVE-2024-49682 - WordPress Simple Membership plugin <= 4.5.3 - Open Redirection vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in wp.insider Simple Membership simple-membership allows Phishing.This issue affects Simple Membership: from n/a through <= 4.5.3.
6.4
CVE-2024-8959 - WP Adminify โ Best WordPress Custom Dashboard Plugin <= 4.0.1.6 - Authenticated (Author+) Stored Crโฆ
The WP Adminify โ Custom WordPress Dashboard, Login and Admin Customizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.0.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenโฆ
6.4
CVE-2024-10176 - Compact WP Audio Player <= 1.9.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via scโฆ
The Compact WP Audio Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sc_embed_player shortcode in all versions up to, and including, 1.9.13 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for โฆ
6.1
CVE-2024-9214 - Extra Product Options Builder for WooCommerce <= 1.2.133 - Unauthenticated Stored Cross-Site Scriptโฆ
The Extra Product Options Builder for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'RednaoSerializedFields' parameter during the creation of a signature file in all versions up to, and including, 1.2.133 due to insufficient input sanitization and output escaโฆ
6.5
CVE-2024-9650 - WP Recipe Maker <= 9.6.1 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'โฆ
The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the โtooltipโ parameter in all versions up to, and including, 9.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level accessโฆ
0.0
CVE-2024-10339 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.