0.0
CVE-2024-56255 - WordPress AyeCode Connect plugin <= 1.3.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Stiofan AyeCode Connect ayecode-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AyeCode Connect: from n/a through <= 1.3.8.
5.4
CVE-2024-56254 - WordPress Move Addons for Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in moveaddons Move Addons for Elementor move-addons allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through <= 1.3.6.
0.0
CVE-2024-56253 - WordPress Data Tables Generator by Supsystic plugin <= 1.10.36 - Broken Access Control vulnerability
Missing Authorization vulnerability in supsystic Data Tables Generator by Supsystic data-tables-generator-by-supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Data Tables Generator by Supsystic: from n/a through <= 1.10.36.
5.4
CVE-2024-56252 - WordPress Enter Addons plugin <= 2.1.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themelooks Enter Addons enteraddons allows Stored XSS.This issue affects Enter Addons: from n/a through <= 2.1.9.
0.0
CVE-2024-56251 - WordPress Event Espresso plugin <= 5.0.28.decaf - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Event Espresso Event Espresso 4 Decaf event-espresso-decaf allows Cross Site Request Forgery.This issue affects Event Espresso 4 Decaf: from n/a through <= 5.0.28.decaf.
0.0
CVE-2024-56250 - WordPress Just Writing Statistics plugin <= 4.7 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Greg Ross Just Writing Statistics just-writing-statistics allows SQL Injection.This issue affects Just Writing Statistics: from n/a through <= 4.7.
0.0
CVE-2024-56249 - WordPress WPMasterToolKit plugin <= 1.13.1 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Ludwig You WPMasterToolKit wpmastertoolkit allows Upload a Web Shell to a Web Server.This issue affects WPMasterToolKit: from n/a through <= 1.13.1.
0.0
CVE-2024-56248 - WordPress WPMasterToolKit plugin <= 1.13.1 - Arbitrary File Download vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ludwig You WPMasterToolKit wpmastertoolkit allows Path Traversal.This issue affects WPMasterToolKit: from n/a through <= 1.13.1.
7.2
CVE-2024-56247 - WordPress WP Post Author plugin <= 3.8.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AF themes WP Post Author wp-post-author allows SQL Injection.This issue affects WP Post Author: from n/a through <= 3.8.2.
0.0
CVE-2024-56246 - WordPress Nexter Blocks plugin <= 4.0.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows DOM-Based XSS.This issue affects Nexter Blocks: from n/a through <= 4.0.4.