8.5
CVE-2024-38708 - WordPress Barcode Scanner and Inventory manager plugin <= 1.6.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders.This issue affects Barcode Scanner with Inventory &β¦
8.5
CVE-2024-38755 - WordPress DirectoryPress plugin <= 3.6.10 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Designinvento DirectoryPress allows SQL Injection.This issue affects DirectoryPress: from n/a through 3.6.10.
9.3
CVE-2024-38773 - WordPress formlift plugin <= 7.5.17 - Unauthenticated Blind SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms allows Blind SQL Injection.This issue affects FormLift for Infusionsoft Web Forms: from n/a through 7.5.17.
7.6
CVE-2024-38788 - WordPress UiPress lite plugin <= 3.4.06 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bα»i Admin 2020 UiPress lite allows SQL Injection.This issue affects UiPress lite: from n/a through 3.4.06.
6.5
CVE-2024-33933 - WordPress Elementor Header & Footer Builder plugin <= 1.6.35 - Contributor+ DOM-Based Cross Site Scβ¦
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force, Nikhil Chavan Elementor β Header, Footer & Blocks Template allows DOM-Based XSS.This issue affects Elementor β Header, Footer & Blocks Template: from n/a through 1.6.35.
7.1
CVE-2024-35656 - WordPress Elementor Pro <= 3.21.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Elementor Elementor Pro allows Reflected XSS.This issue affects Elementor Pro: from n/a through 3.21.2.
7.1
CVE-2024-37097 - WordPress Shortcodes by United Themes plugin < 5.0.5 - Reflected Cross Site Scripting (XSS) vulneraβ¦
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in UnitedThemes Shortcodes by United Themes allows Reflected XSS.This issue affects Shortcodes by United Themes: from n/a before 5.0.5.
6.5
CVE-2024-37100 - WordPress Elegant Themes Icons plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mayur Somani, threeroutes media Elegant Themes Icons allows Stored XSS.This issue affects Elegant Themes Icons: from n/a through 1.3.
6.5
CVE-2024-37101 - WordPress WP Post Author plugin <= 3.6.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AF themes WP Post Author allows Stored XSS.This issue affects WP Post Author: from n/a through 3.6.7.
6.5
CVE-2024-6542 - Livestatus injection in mknotifyd
Improper neutralization of livestatus command delimiters in mknotifyd in Checkmk <= 2.0.0p39, < 2.1.0p47, < 2.2.0p32 and < 2.3.0p11 allows arbitrary livestatus command execution.