5.3

CVSS4.0

CVE-2024-6932 - ClassCMS cross site scripting

A vulnerability was found in ClassCMS 4.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/?action=home&do=shop:index&keyword=&kind=all. The manipulation of the argument order leads to cross site scripting. The attack can be launche…

πŸ“… Published: July 20, 2024, 9:31 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:50 a.m.

6.4

CVSS3.1

CVE-2024-6848 - Post and Page Builder by BoldGrid – Visual Drag and Drop Editor <= 1.26.6 - Authenticated (Contribu…

The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 1.26.6 due to insufficient input sanitization and output escaping affecting the boldgrid_canvas_image AJAX end…

πŸ“… Published: July 20, 2024, 11:18 a.m. πŸ”„ Last Modified: April 8, 2026, 4:51 p.m.

5.9

CVSS3.1

CVE-2024-37561 - WordPress Plugin Notes Plus plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jamie Bergen Plugin Notes Plus allows Stored XSS.This issue affects Plugin Notes Plus: from n/a through 1.2.6.

πŸ“… Published: July 20, 2024, 9:18 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.9

CVSS3.1

CVE-2024-37562 - WordPress Simple Post Notes plugin <= 1.7.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BracketSpace Simple Post Notes allows Stored XSS.This issue affects Simple Post Notes: from n/a through 1.7.7.

πŸ“… Published: July 20, 2024, 9:15 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2024-37563 - WordPress TOCHAT.BE plugin <= 1.3.0 - Unauthenticated Stored Cross Site Scripting (XSS) vulnerabili…

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TOCHAT.BE allows Stored XSS.This issue affects TOCHAT.BE: from n/a through 1.3.0.

πŸ“… Published: July 20, 2024, 9:04 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.9

CVSS3.1

CVE-2024-37565 - WordPress Gum Elementor Addon plugin <= 1.3.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TemeGUM Gum Elementor Addon allows Stored XSS.This issue affects Gum Elementor Addon: from n/a through 1.3.5.

πŸ“… Published: July 20, 2024, 9:02 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.5

CVSS3.1

CVE-2024-37918 - WordPress ConeBlog plugin <= 1.4.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPCone ConeBlog – WordPress Blog Widgets coneblog-widgets.This issue affects ConeBlog – WordPress Blog Widgets: from n/a through <= 1.4.8.

πŸ“… Published: July 20, 2024, 9:01 a.m. πŸ”„ Last Modified: April 23, 2026, 3:18 p.m.

5.9

CVSS3.1

CVE-2024-37919 - WordPress Timeline Module for Beaver Builder plugin <= 1.1.3 - Cross Site Scripting (XSS) vulnerabi…

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pratik Chaskar Timeline Module for Beaver Builder allows Stored XSS.This issue affects Timeline Module for Beaver Builder: from n/a through 1.1.3.

πŸ“… Published: July 20, 2024, 9 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.1

CVSS3.1

CVE-2024-37920 - WordPress ARForms Form Builder plugin <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Repute InfoSystems ARForms Form Builder allows Reflected XSS.This issue affects ARForms Form Builder: from n/a through 1.6.7.

πŸ“… Published: July 20, 2024, 8:58 a.m. πŸ”„ Last Modified: Jan. 23, 2026, 7:47 p.m.

6.5

CVSS3.1

CVE-2024-37922 - WordPress Premium Addons for Elementor plugin <= 4.10.34 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor.This issue affects Premium Addons for Elementor: from n/a through <= 4.10.34.

πŸ“… Published: July 20, 2024, 8:57 a.m. πŸ”„ Last Modified: April 23, 2026, 3:18 p.m.
Total resulsts: 349182
Page 9092 of 34,919
Β« previous page Β» next page
Filters