7.1
CVE-2024-43126 - WordPress Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce plugin <= 2.6.14 …
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sender Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce allows Reflected XSS.This issue affects Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce…
7.1
CVE-2024-43127 - WordPress Products, Order & Customers Export for WooCommerce plugin <= 2.0.11 - Reflected Cross Si…
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPFactory Products, Order & Customers Export for WooCommerce allows Reflected XSS.This issue affects Products, Order & Customers Export for WooCommerce: from n/a through 2.0.11.
5.1
CVE-2024-7706 - Fujian mwcms uploadfile.html uploadimage unrestricted upload
A vulnerability was found in Fujian mwcms 1.0.0. It has been rated as critical. Affected by this issue is the function uploadimage of the file /uploadfile.html. The manipulation of the argument upfile leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed …
5.1
CVE-2024-7705 - Fujian mwcms Image Upload uploadeditor.html uploadeditor unrestricted upload
A vulnerability was found in Fujian mwcms 1.0.0. It has been declared as critical. Affected by this vulnerability is the function uploadeditor of the file /uploadeditor.html?action=uploadimage of the component Image Upload. The manipulation of the argument upfile leads to unrestricted upload. The a…
5.9
CVE-2024-43130 - WordPress Football Pool plugin <= 2.11.10 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Antoine Hurkmans Football Pool allows Stored XSS.This issue affects Football Pool: from n/a through 2.11.10.
6.5
CVE-2024-43133 - WordPress Themify Shortcodes plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themify Themify Shortcodes allows Stored XSS.This issue affects Themify Shortcodes: from n/a through 2.1.1.
5.9
CVE-2024-43137 - WordPress WappPress Basic plugin <= 6.0.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WappPress Team WappPress allows Stored XSS.This issue affects WappPress: from n/a through 6.0.4.
6.5
CVE-2024-43139 - WordPress Football Pool plugin <= 2.11.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Antoine Hurkmans Football Pool allows Stored XSS.This issue affects Football Pool: from n/a through 2.11.9.
6.5
CVE-2024-43147 - WordPress Selection Lite plugin <= 1.11 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Merkulove Selection Lite allows Stored XSS.This issue affects Selection Lite: from n/a through 1.11.
5.9
CVE-2024-43148 - WordPress StreamCast <= 2.2.3 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bPlugins StreamCast allows Stored XSS.This issue affects StreamCast: from n/a through 2.2.3.