5.9
CVE-2024-51685 - WordPress Accordion title for Elementor plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Gangolf Accordion title for Elementor allows Stored XSS.This issue affects Accordion title for Elementor: from n/a through 1.2.1.
8.8
CVE-2024-51626 - WordPress Woocommerce Quote Calculator plugin <= 1.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in chenyenming Woocommerce Quote Calculator woo-quote-calculator-order allows Blind SQL Injection.This issue affects Woocommerce Quote Calculator: from n/a through <= 1.1.
7.2
CVE-2024-51672 - WordPress BetterLinks plugin <= 2.1.7 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPDeveloper BetterLinks betterlinks allows SQL Injection.This issue affects BetterLinks: from n/a through <= 2.1.7.
7.5
CVE-2024-50528 - WordPress Stacks Mobile App Builder plugin <= 5.2.3 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Retrieve Embedded Sensitive Data.This issue affects Stacks Mobile App Builder: from n/a through <= 5.2.3.
9.8
CVE-2024-50523 - WordPress All Post Contact Form plugin <= 1.8.2 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in RainbowLink Inc. All Post Contact Form allpost-contactform allows Upload a Web Shell to a Web Server.This issue affects All Post Contact Form: from n/a through <= 1.8.2.
9.8
CVE-2024-50525 - WordPress Helloprint plugin <= 2.0.4 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in helloprint Helloprint helloprint allows Upload a Web Shell to a Web Server.This issue affects Helloprint: from n/a through <= 2.0.4.
9.8
CVE-2024-50526 - WordPress Multi Purpose Mail Form plugin <= 1.0.2 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Lindeni Mahlalela Multi Purpose Mail Form multi-purpose-mail-form allows Upload a Web Shell to a Web Server.This issue affects Multi Purpose Mail Form: from n/a through <= 1.0.2.
9.8
CVE-2024-50527 - WordPress Stacks Mobile App Builder plugin <= 5.2.3 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Upload a Web Shell to a Web Server.This issue affects Stacks Mobile App Builder: from n/a through <= 5.2.3.
8.8
CVE-2024-50529 - WordPress Training โ Courses plugin <= 2.0.1 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in rudrainn Training โ Courses training allows Upload a Web Shell to a Web Server.This issue affects Training โ Courses: from n/a through <= 2.0.1.
8.8
CVE-2024-50530 - WordPress Stars SMTP Mailer plugin <= 2.2.1 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Stars SMTP Mailer stars-smtp-mailer allows Upload a Web Shell to a Web Server.This issue affects Stars SMTP Mailer: from n/a through <= 2.2.1.