Total
7170 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-12414 | 2024-12-16 | 4.3 Medium | ||
| The Themify Store Locator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.9. This is due to missing or incorrect nonce validation on the setting_page() function. This makes it possible for unauthenticated attackers to modify the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | ||||
| CVE-2024-54440 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in blueskyy WP-Ban-User allows Stored XSS.This issue affects WP-Ban-User: from n/a through 1.0. | ||||
| CVE-2024-54439 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Alok Tiwari Amazon Product Price allows Stored XSS.This issue affects Amazon Product Price: from n/a through 1.1. | ||||
| CVE-2024-54438 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in GAxx Gaxx Keywords allows Stored XSS.This issue affects Gaxx Keywords: from n/a through 0.2. | ||||
| CVE-2024-54436 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Jettochkin Jet Footer Code allows Stored XSS.This issue affects Jet Footer Code: from n/a through 1.4. | ||||
| CVE-2024-54435 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Thomas Hoefter Onlywire Multi Autosubmitter allows Stored XSS.This issue affects Onlywire Multi Autosubmitter: from n/a through 1.2.4. | ||||
| CVE-2024-54434 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Phoetry phZoom allows Stored XSS.This issue affects phZoom: from n/a through 1.2.92. | ||||
| CVE-2024-54433 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Simple Booking Simple Booking Widget allows Stored XSS.This issue affects Simple Booking Widget: from n/a through 1.1. | ||||
| CVE-2024-54432 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Shambhu Prasad Patnaik WP Flipkart Importer allows Stored XSS.This issue affects WP Flipkart Importer: from n/a through 1.4. | ||||
| CVE-2024-54431 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Mohamed Riyaz Admin Customization allows Stored XSS.This issue affects Admin Customization: from n/a through 2.2. | ||||
| CVE-2024-54430 | 2024-12-16 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Bastien Ho EELV Newsletter allows Cross Site Request Forgery.This issue affects EELV Newsletter: from n/a through 4.8.2. | ||||
| CVE-2024-54429 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Ivan Ovsyannikov Aphorismus allows Stored XSS.This issue affects Aphorismus: from n/a through 1.2.0. | ||||
| CVE-2024-54428 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in onigetoc Add image to Post allows Stored XSS.This issue affects Add image to Post: from n/a through 0.6. | ||||
| CVE-2024-54427 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Linda MacPhee-Cobb Category of Posts allows Stored XSS.This issue affects Category of Posts: from n/a through 1.0. | ||||
| CVE-2024-54426 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Andy Fradelakis LeaderBoard Plugin allows Stored XSS.This issue affects LeaderBoard Plugin: from n/a through 1.2.4. | ||||
| CVE-2024-54425 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in LionScripts.com LionScripts: Site Maintenance & Noindex Nofollow Plugin allows Stored XSS.This issue affects LionScripts: Site Maintenance & Noindex Nofollow Plugin: from n/a through 2.1. | ||||
| CVE-2024-54423 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Jesse Overright Social Media Sharing allows Stored XSS.This issue affects Social Media Sharing: from n/a through 1.1. | ||||
| CVE-2024-54421 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sanjay Singh Negi Floating Video Player allows Stored XSS.This issue affects Floating Video Player: from n/a through 1.0. | ||||
| CVE-2024-54420 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Aleksander Novikov Metrika allows Cross Site Request Forgery.This issue affects Metrika: from n/a through 1.2. | ||||
| CVE-2024-54416 | 2024-12-16 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Navdeep Kumar Wp Login with Ajax allows Stored XSS.This issue affects Wp Login with Ajax: from n/a through 0.6. | ||||