6.5
CVE-2024-37936 - WordPress Tabs For WPBakery Page Builder plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in labibahmed Tabs For WPBakery Page Builder allows Stored XSS.This issue affects Tabs For WPBakery Page Builder: from n/a through 1.2.
5.8
CVE-2024-37943 - WordPress YITH WooCommerce Ajax Product Filter plugin <= 5.1.0 - Reflected Cross Site Scripting (XSβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YITHEMES YITH WooCommerce Ajax Product Filter yith-woocommerce-ajax-navigation.This issue affects YITH WooCommerce Ajax Product Filter: from n/a through <= 5.1.0.
6.5
CVE-2024-37944 - WordPress WP Travel Engine β Tour Booking Plugin β Tour Operator Software plugin <= 5.9.1 - Cross Sβ¦
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Travel Engine allows Stored XSS.This issue affects WP Travel Engine: from n/a through 5.9.1.
5.9
CVE-2024-37946 - WordPress ReCaptcha Integration for WordPress plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerabβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in weDevs ReCaptcha Integration for WordPress wp-recaptcha-integration allows DOM-Based XSS.This issue affects ReCaptcha Integration for WordPress: from n/a through <= 1.2.7.
8.8
CVE-2024-6497 - SEO Plugin by Squirrly SEO <= 12.3.19 - Authenticated (Contributor+) SQL Injection via url Parameter
The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the βurlβ parameter in all versions up to, and including, 12.3.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-levβ¦
5.9
CVE-2024-37947 - WordPress Tutor LMS plugin <= 2.7.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themeum Tutor LMS allows Stored XSS.This issue affects Tutor LMS: from n/a through 2.7.2.
6.5
CVE-2024-37948 - WordPress Caxton β Create Pro page layouts in Gutenberg plugin <= 1.30.1 - Cross Site Scripting (XSβ¦
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PootlePress Caxton β Create Pro page layouts in Gutenberg allows Stored XSS.This issue affects Caxton β Create Pro page layouts in Gutenberg: from n/a through 1.30.1.
6.5
CVE-2024-37949 - WordPress Responsive Mobile theme <= 1.15.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CyberChimps Responsive Mobile allows Stored XSS.This issue affects Responsive Mobile: from n/a through 1.15.1.
5.9
CVE-2024-37950 - WordPress Master Popups plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodexHelp Master Popups allows Stored XSS.This issue affects Master Popups: from n/a through 1.0.3.
6.5
CVE-2024-37951 - WordPress Magical Posts Display plugin <= 1.2.38 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Noor alam Magical Posts Display β Elementor & Gutenberg Posts Blocks allows Stored XSS.This issue affects Magical Posts Display β Elementor & Gutenberg Posts Blocks: from n/a through 1.2.38.