8.7
CVE-2024-11959 - D-Link DIR-605L formResetStatistic buffer overflow
A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affects the function formResetStatistic of the file /goform/formResetStatistic. The manipulation of the argument curTime leads to buffer overflow. It is possible to initiate the attack remotely. The exploβ¦
6.5
CVE-2024-7747 - Wallet for WooCommerce <= 1.5.6 - Authenticated (Subscriber+) Incorrect Conversion between Numeric β¦
The Wallet for WooCommerce plugin for WordPress is vulnerable to incorrect conversion between numeric types in all versions up to, and including, 1.5.6. This is due to a numerical logic flaw when transferring funds to another user. This makes it possible for authenticated attackers, with Subscriberβ¦
6.5
CVE-2024-53731 - WordPress Fintelligence Calculator plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fintelligence Fintelligence Calculator fintelligence-calculator allows Stored XSS.This issue affects Fintelligence Calculator: from n/a through <= 1.0.3.
7.1
CVE-2024-53732 - WordPress Footer Flyout Widget plugin <= 1.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in wpwox Footer Flyout Widget footer-flyout-widget allows Stored XSS.This issue affects Footer Flyout Widget: from n/a through <= 1.1.
7.1
CVE-2024-53733 - WordPress Fence URL plugin <= 2.0.0 - CSRF to Stored XSS vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in harshtohit111 Fence URL fence-url allows Stored XSS.This issue affects Fence URL: from n/a through <= 2.0.0.
7.1
CVE-2024-53734 - WordPress Idealien Category Enhancements plugin <= 1.2 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Jamie O Idealien Category Enhancements idealien-category-enhancements allows Stored XSS.This issue affects Idealien Category Enhancements: from n/a through <= 1.2.
7.1
CVE-2024-53736 - WordPress Custom Shortcode Sidebars plugin <= 1.2 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Jason Grim Custom Shortcode Sidebars custom-shortcode-sidebars allows Stored XSS.This issue affects Custom Shortcode Sidebars: from n/a through <= 1.2.
7.1
CVE-2024-11402 - WordPress Block Editor Bootstrap Blocks plugin <= 6.6.1 - Reflected Cross Site Scripting (XSS) vulnβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kubiq Block Editor Bootstrap Blocks block-editor-bootstrap-blocks allows Reflected XSS.This issue affects Block Editor Bootstrap Blocks: from n/a through <= 6.6.1.
6.5
CVE-2024-53737 - WordPress WP Mailster plugin <= 1.8.16.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandtoss WP Mailster wp-mailster allows Stored XSS.This issue affects WP Mailster: from n/a through <= 1.8.16.0.
9.3
CVE-2024-52474 - WordPress Express Payments plugin <= 1.1.8 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Π‘Π΅ΡΠ²ΠΈΡ βΠΠΊΡΠΏΡΠ΅ΡΡ ΠΠ»Π°ΡΠ΅ΠΆΠΈβ Express Payments Module express-pay allows Blind SQL Injection.This issue affects Express Payments Module: from n/a through <= 1.1.8.