6.5
CVE-2024-43951 - WordPress Tempera theme <= 1.8.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Tempera allows Stored XSS.This issue affects Tempera: from n/a through 1.8.2.
6.5
CVE-2024-43952 - WordPress Esotera theme <= 1.2.5.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Esotera allows Stored XSS.This issue affects Esotera: from n/a through 1.2.5.1.
6.5
CVE-2024-43953 - WordPress Classic Addons β WPBakery Page Builder plugin <= 3.5 - Cross Site Scripting (XSS) vulneraβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webcodingplace Classic Addons β WPBakery Page Builder classic-addons-wpbakery-page-builder-addons allows Stored XSS.This issue affects Classic Addons β WPBakery Page Builder: from n/a through <= 3.β¦
7.1
CVE-2024-43958 - WordPress Into The Dark theme <= 1.0.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gianni Porto IntoTheDark allows Reflected XSS.This issue affects IntoTheDark: from n/a through 1.0.5.
5.9
CVE-2024-43960 - WordPress Web and WooCommerce Addons for WPBakery Builder plugin <= 1.4.6 - Cross Site Scripting (Xβ¦
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Page Builder Addons Web and WooCommerce Addons for WPBakery Builder allows Stored XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.4.6.
6.5
CVE-2024-43961 - WordPress azurecurve Toggle Show/Hide plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in azurecurve azurecurve Toggle Show/Hide allows Stored XSS.This issue affects azurecurve Toggle Show/Hide: from n/a through 2.1.3.
7.1
CVE-2024-43963 - WordPress Visual CSS Style Editor plugin <= 7.6.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WaspThemes YellowPencil Visual CSS Style Editor allows Reflected XSS.This issue affects YellowPencil Visual CSS Style Editor: from n/a through 7.6.1.
6.5
CVE-2024-43964 - WordPress DSGVO All in one for WP plugin <= 4.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Leithold DSGVO All in one for WP allows Stored XSS.This issue affects DSGVO All in one for WP: from n/a through 4.5.
5.9
CVE-2024-45056 - `fold (xor (shl 1, x), -1) -> (rotl ~1, x)` misoptimization in zksolc
zksolc is a Solidity compiler for ZKsync. All LLVM versions since 2015 fold `(xor (shl 1, x), -1)` to `(rotl ~1, x)` if run with optimizations enabled. Here `~1` is generated as an unsigned 64 bits number (`2^64-1`). This number is zero-extended to 256 bits on EraVM target while it should have beenβ¦
6.3
CVE-2024-45045 - JavaScript Injection via url encoded values in links in Collabora Office Android
Collabora Online is a collaborative online office suite based on LibreOffice technology. In the mobile (Android/iOS) device variants of Collabora Online it was possible to inject JavaScript via url encoded values in links contained in documents. Since the Android JavaScript interface allows access β¦