6.5
CVE-2024-51682 - WordPress HT Builder โ WordPress Theme Builder for Elementor plugin <= 1.3.0 - Stored Cross Site Scโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Builder โ WordPress Theme Builder for Elementor ht-builder allows Stored XSS.This issue affects HT Builder โ WordPress Theme Builder for Elementor: from n/a through <= 1.3.0.
6.5
CVE-2024-51683 - WordPress Custom post type templates for Elementor plugin <= 1.10.1 - Stored Cross Site Scripting (โฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Custom post type templates for Elementor custom-post-type-templates-for-elementor allows Stored XSS.This issue affects Custom post type templates for Elementor: from n/a through <= 1.10.1.
5.9
CVE-2024-51685 - WordPress Accordion title for Elementor plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Gangolf Accordion title for Elementor allows Stored XSS.This issue affects Accordion title for Elementor: from n/a through 1.2.1.
8.5
CVE-2024-51626 - WordPress Woocommerce Quote Calculator plugin <= 1.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in chenyenming Woocommerce Quote Calculator woo-quote-calculator-order allows Blind SQL Injection.This issue affects Woocommerce Quote Calculator: from n/a through <= 1.1.
7.6
CVE-2024-51672 - WordPress BetterLinks plugin <= 2.1.7 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPDeveloper BetterLinks betterlinks allows SQL Injection.This issue affects BetterLinks: from n/a through <= 2.1.7.
7.5
CVE-2024-50528 - WordPress Stacks Mobile App Builder plugin <= 5.2.3 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Retrieve Embedded Sensitive Data.This issue affects Stacks Mobile App Builder: from n/a through <= 5.2.3.
10
CVE-2024-50523 - WordPress All Post Contact Form plugin <= 1.8.2 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in RainbowLink Inc. All Post Contact Form allpost-contactform allows Upload a Web Shell to a Web Server.This issue affects All Post Contact Form: from n/a through <= 1.8.2.
10
CVE-2024-50525 - WordPress Helloprint plugin <= 2.0.4 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in helloprint Helloprint helloprint allows Upload a Web Shell to a Web Server.This issue affects Helloprint: from n/a through <= 2.0.4.
10
CVE-2024-50526 - WordPress Multi Purpose Mail Form plugin <= 1.0.2 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Lindeni Mahlalela Multi Purpose Mail Form multi-purpose-mail-form allows Upload a Web Shell to a Web Server.This issue affects Multi Purpose Mail Form: from n/a through <= 1.0.2.
10
CVE-2024-50527 - WordPress Stacks Mobile App Builder plugin <= 5.2.3 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Upload a Web Shell to a Web Server.This issue affects Stacks Mobile App Builder: from n/a through <= 5.2.3.