0.0
CVE-2024-54350 - WordPress hmd theme <= 2.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hjyl hmd hmd allows Stored XSS.This issue affects hmd: from n/a through <= 2.0.
0.0
CVE-2024-56010 - WordPress Device Detector Plugin <= 4.2.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre Lannoy Device Detector device-detector allows Reflected XSS.This issue affects Device Detector: from n/a through <= 4.2.0.
0.0
CVE-2024-56016 - WordPress Image Mapper plugin <= 0.2.5.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in maartenhemmes Image Mapper image-mapper allows Reflected XSS.This issue affects Image Mapper: from n/a through <= 0.2.5.3.
0.0
CVE-2024-55975 - WordPress Dr Affiliate plugin <= 1.2.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rohit Urane Dr Affiliate dr-affiliate allows SQL Injection.This issue affects Dr Affiliate: from n/a through <= 1.2.3.
0.0
CVE-2024-55983 - WordPress PowerFormBuilder plugin <= 1.0.6 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PowerFormBuilder PowerFormBuilder power-forms-builder allows SQL Injection.This issue affects PowerFormBuilder: from n/a through <= 1.0.6.
0.0
CVE-2024-55984 - WordPress Saksh Escrow System plugin <= 2.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susheelhbti Saksh Escrow System saksh-escrow-system allows SQL Injection.This issue affects Saksh Escrow System: from n/a through <= 2.4.
0.0
CVE-2024-55985 - WordPress YDS Support Ticket System plugin <= 1.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ydesignservices YDS Support Ticket System yds-support-ticket-system allows SQL Injection.This issue affects YDS Support Ticket System: from n/a through <= 1.0.
0.0
CVE-2024-54270 - WordPress Axeptio plugin <= 2.5.4 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axeptio Axeptio axeptio-sdk-integration allows PHP Local File Inclusion.This issue affects Axeptio: from n/a through <= 2.5.4.
0.0
CVE-2024-56058 - WordPress VRPConnector plugin <= 2.0.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in denniskravetstns VRPConnector vrpconnector allows Object Injection.This issue affects VRPConnector: from n/a through <= 2.0.1.
0.0
CVE-2024-56059 - WordPress Partners plugin <= 0.2.0 - PHP Object Injection vulnerability
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in farinspace Partners partners allows Object Injection.This issue affects Partners: from n/a through <= 0.2.0.