0.0

CVE-2024-50413 - WordPress Import and export users and customers plugin <= 1.27.5 - Cross Site Scripting (XSS) vulne…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta allows Stored XSS.This issue affects Import and export users and customers: from n/a through <= 1.27.5.

📅 Published: Oct. 29, 2024, 8:47 a.m. 🔄 Last Modified: April 1, 2026, 4:19 p.m.

0.0

CVE-2024-50414 - WordPress Button contact VR plugin <= 4.7.9.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Buttonizer Button contact VR button-contact-vr allows Stored XSS.This issue affects Button contact VR: from n/a through <= 4.7.9.1.

📅 Published: Oct. 29, 2024, 8:47 a.m. 🔄 Last Modified: April 1, 2026, 4:19 p.m.

0.0

CVE-2024-50415 - WordPress Ads.txt & App-ads.txt Manager for WordPress plugin <= 1.1.7.1 - Stored Cross Site Scripti…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pagup Ads.txt & App-ads.txt Manager for WordPress app-ads-txt allows Stored XSS.This issue affects Ads.txt & App-ads.txt Manager for WordPress: from n/a through <= 1.1.7.1.

📅 Published: Oct. 29, 2024, 8:46 a.m. 🔄 Last Modified: April 1, 2026, 4:19 p.m.

0.0

CVE-2024-50418 - WordPress Time Slot plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Time Slot Booking Time Slot timeslot allows DOM-Based XSS.This issue affects Time Slot: from n/a through <= 1.3.6.

📅 Published: Oct. 29, 2024, 8:44 a.m. 🔄 Last Modified: April 1, 2026, 4:19 p.m.

4.8

CVSS3.1

CVE-2024-50426 - WordPress Survey Maker plugin <= 5.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Survey Maker survey-maker allows Stored XSS.This issue affects Survey Maker: from n/a through <= 5.0.2.

📅 Published: Oct. 29, 2024, 8:43 a.m. 🔄 Last Modified: April 1, 2026, 4:19 p.m.

0.0

CVE-2024-50475 - WordPress Signup Page plugin <= 1.0 - Arbitrary Option Update to Privilege Escalation vulnerability

Missing Authorization vulnerability in Scott Gamon Signup Page signup-page allows Privilege Escalation.This issue affects Signup Page: from n/a through <= 1.0.

📅 Published: Oct. 29, 2024, 8:39 a.m. 🔄 Last Modified: April 1, 2026, 4:19 p.m.

0.0

CVE-2024-50476 - WordPress GRÜN spendino Spendenformular plugin <= 1.0.1 - Arbitrary Option Update to Privilege Esca…

Missing Authorization vulnerability in GRÜN Software Group GmbH GRÜN spendino Spendenformular spendino allows Privilege Escalation.This issue affects GRÜN spendino Spendenformular: from n/a through <= 1.0.1.

📅 Published: Oct. 29, 2024, 8:38 a.m. 🔄 Last Modified: April 1, 2026, 4:19 p.m.

0.0

CVE-2024-50481 - WordPress Bstone Demo Importer plugin <= 1.0.1 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in stackthemes Bstone Demo Importer bstone-demo-importer allows Privilege Escalation.This issue affects Bstone Demo Importer: from n/a through <= 1.0.1.

📅 Published: Oct. 29, 2024, 8:36 a.m. 🔄 Last Modified: April 1, 2026, 4:19 p.m.

0.0

CVE-2024-50485 - WordPress Exam Matrix plugin <= 1.5 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Udit Rawat Exam Matrix exam-matrix allows Privilege Escalation.This issue affects Exam Matrix: from n/a through <= 1.5.

📅 Published: Oct. 29, 2024, 8:35 a.m. 🔄 Last Modified: April 1, 2026, 4:19 p.m.

0.0

CVE-2024-50490 - WordPress PegaPoll plugin <= 1.0.2 - Arbitrary Option Update to Privilege Escalation vulnerability

Missing Authorization vulnerability in lowcage PegaPoll pegapoll allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects PegaPoll: from n/a through <= 1.0.2.

📅 Published: Oct. 29, 2024, 8:33 a.m. 🔄 Last Modified: April 1, 2026, 4:19 p.m.

Vulnerability Database Index

0.0