1.8
CVE-2024-5532 - A stored XSS vulnerability has been discovered on OpenTextโข Operations Agent (OA).
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenTextโข Operations Agent.ย The XSS vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal status page of the Agent on the local systeโฆ
5.4
CVE-2024-9825 - The Chef Habitat builder is impacted by Indirect Object reference(IDOR) by deletion of personal accโฆ
The Chef Habitat builder-api on-prem-builder package ย with any version lower than habitat/builder-api/10315/20240913162802 is vulnerable to indirect object reference (IDOR) by un-authorized deletion of personal token. ย Habitat builder consumes builder-api habitat package as a dependency and the vulโฆ
6.5
CVE-2024-50429 - WordPress Magazine Blocks plugin <= 1.3.15 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlockArt Magazine Blocks magazine-blocks allows DOM-Based XSS.This issue affects Magazine Blocks: from n/a through <= 1.3.15.
5.9
CVE-2024-50431 - WordPress Breeze plugin <= 2.1.14 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cloudways Breeze breeze allows Stored XSS.This issue affects Breeze: from n/a through <= 2.1.14.
6.5
CVE-2024-50432 - WordPress Post Grid and Gutenberg Blocks plugin <= 2.2.93 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Blocks post-grid allows Cross-Site Scripting (XSS).This issue affects Post Grid and Gutenberg Blocks: from n/a through <= 2.2.93.
6.5
CVE-2024-50433 - WordPress Sky Addons for Elementor plugin <= 2.5.15 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wowDevs Sky Addons for Elementor sky-elementor-addons allows Cross-Site Scripting (XSS).This issue affects Sky Addons for Elementor: from n/a through <= 2.5.15.
6.5
CVE-2024-50437 - WordPress GeoDirectory plugin <= 2.3.80 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paolo GeoDirectory geodirectory allows Stored XSS.This issue affects GeoDirectory: from n/a through <= 2.3.80.
7.1
CVE-2024-50438 - WordPress Church Admin plugin < 5.0.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andy_moyle Church Admin church-admin allows Reflected XSS.This issue affects Church Admin: from n/a through < 5.0.0.
6.5
CVE-2024-50439 - WordPress Astra Widgets plugin <= 1.2.14 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Astra Widgets astra-widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through <= 1.2.14.
6.5
CVE-2024-50440 - WordPress CodePen Embedded Pens Shortcode plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Coyier CodePen Embedded Pens Shortcode codepen-embedded-pen-shortcode allows Stored XSS.This issue affects CodePen Embedded Pens Shortcode: from n/a through <= 1.0.2.