6.5
CVE-2024-49277 - WordPress UltraAddons β Elementor Addons plugin <= 2.0.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saiful Islam UltraAddons Elementor Lite ultraaddons-elementor-lite allows Stored XSS.This issue affects UltraAddons Elementor Lite: from n/a through <= 2.0.2.
6.5
CVE-2024-49278 - WordPress Omnipress plugin <= 1.4.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in omnipressteam Omnipress omnipress allows Stored XSS.This issue affects Omnipress: from n/a through <= 1.4.3.
6.5
CVE-2024-49279 - WordPress Hyperlink Group Block plugin <= 1.17.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel Floeter Hyperlink Group Block hyperlink-group-block allows Stored XSS.This issue affects Hyperlink Group Block: from n/a through <= 1.17.5.
6.5
CVE-2024-49280 - WordPress Lightbox slider -- Responsive Lightbox Gallery plugin <= 1.10.6 - Cross Site Scripting (Xβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Weblizar - WordPress Themes & Plugin Lightbox slider β Responsive Lightbox Gallery simple-lightbox-gallery allows Stored XSS.This issue affects Lightbox slider β Responsive Lightbox Gallery: frβ¦
6.5
CVE-2024-49281 - WordPress Click to Chat β WP Support All-in-One Floating Widget plugin <= 2.3.3 - Cross Site Scriptβ¦
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Ninja Team Click to Chat β WP Support All-in-One Floating Widget support-chat allows Stored XSS.This issue affects Click to Chat β WP Support All-in-One Floating Widget: from n/a through <= 2β¦
5.9
CVE-2024-49282 - WordPress Responsive Lightbox & Gallery plugin <= 2.4.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dFactory Responsive Lightbox responsive-lightbox allows Stored XSS.This issue affects Responsive Lightbox: from n/a through <= 2.4.8.
7.1
CVE-2024-49283 - WordPress CURCY plugin <= 2.2.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme CURCY woo-multi-currency allows Reflected XSS.This issue affects CURCY: from n/a through <= 2.2.3.
5.9
CVE-2024-49288 - WordPress Email Template Customizer for WooCommerce plugin <= 1.2.9.1 - Cross Site Scripting (XSS) β¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VillaTheme Email Template Customizer for WooCommerce email-template-customizer-for-woo allows Stored XSS.This issue affects Email Template Customizer for WooCommerce: from n/a through <= 1.2.9.1.
6.5
CVE-2024-49289 - WordPress Cooked Pro plugin < 1.8.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gora Tech LLC Cooked Pro allows Stored XSS.This issue affects Cooked Pro: from n/a before 1.8.0.
6.5
CVE-2024-49292 - WordPress Exclusive Addons for Elementor plugin <= 2.7.1 - Cross-Site Scripting vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim Strifler Exclusive Addons Elementor exclusive-addons-for-elementor allows Stored XSS.This issue affects Exclusive Addons Elementor: from n/a through <= 2.7.1.