6.5
CVE-2024-51578 - WordPress 3D Presentation plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lpagg 3D Presentation 3d-presentation allows Stored XSS.This issue affects 3D Presentation: from n/a through <= 1.0.
6.5
CVE-2024-51580 - WordPress Clever Addons for Elementor plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zootemplate Clever Addons for Elementor cafe-lite allows Stored XSS.This issue affects Clever Addons for Elementor: from n/a through <= 2.2.1.
6.5
CVE-2024-51581 - WordPress Restaurant & Cafe Addon for Elementor plugin <= 1.5.6 - Cross Site Scripting (XSS) vulnerβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicheaddons Restaurant & Cafe Addon for Elementor restaurant-cafe-addon-for-elementor allows Stored XSS.This issue affects Restaurant & Cafe Addon for Elementor: from n/a through <= 1.5.6.
6.5
CVE-2024-51583 - WordPress Kento Ads Rotator plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginsPoint Kento Ads Rotator kento-ads-rotator allows Stored XSS.This issue affects Kento Ads Rotator: from n/a through <= 1.3.
6.5
CVE-2024-51584 - WordPress Marquee Elementor with Posts plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in anas2004 Marquee Elementor with Posts marquee-elementor allows DOM-Based XSS.This issue affects Marquee Elementor with Posts: from n/a through <= 1.2.0.
5.3
CVE-2024-11051 - AMTT Hotel Broadband Operation System online_status.php sql injection
A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204. It has been classified as critical. Affected is an unknown function of the file /manager/frontdesk/online_status.php. The manipulation of the argument AccountID leads to sql injection. It is possible to launch thβ¦
5.3
CVE-2024-11050 - AMTT Hotel Broadband Operation System language.php cross site scripting
A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204 and classified as problematic. This issue affects some unknown processing of the file /language.php. The manipulation of the argument LangID/LangName/LangEName leads to cross site scripting. The attack may be initβ¦
6.3
CVE-2024-11049 - ZKTeco ZKBio Time Image File photo direct request
A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is an unknown function of the file /auth_files/photo/ of the component Image File Handler. The manipulation leads to direct request. It is possible to launch the attack remotely. The complexity of an attacβ¦
8.7
CVE-2024-11048 - D-Link DI-8003 dbsrv.asp dbsrv_asp stack-based overflow
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrv_asp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been discloβ¦
8.7
CVE-2024-11047 - D-Link DI-8003 upgrade_filter.asp upgrade_filter_asp stack-based overflow
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to stack-based buffer overflow. The attack can be launched remotelβ¦