Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-54428
WordPress Add image to Post plugin <= 0.6 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in onigetoc Add image to Post allows Stored XSS.This issue affects Add image to Post: from n/a through 0.6.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54427
WordPress Category of Posts plugin <= 1.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Linda MacPhee-Cobb Category of Posts allows Stored XSS.This issue affects Category of Posts: from n/a through 1.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54426
WordPress LeaderBoard Plugin plugin <= 1.2.4 - CSRF to Stored Cross-Site Scripting vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Andy Fradelakis LeaderBoard Plugin allows Stored XSS.This issue affects LeaderBoard Plugin: from n/a through 1.2.4.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54425
WordPress LionScripts: Site Maintenance plugin <= 2.1 - CSRF to Stored Cross-Site Scripting vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in LionScripts.com LionScripts: Site Maintenance & Noindex Nofollow Plugin allows Stored XSS.This issue affects LionScripts: Site Maintenance & Noindex Nofollow Plugin: from n/a through 2.1.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54424
WordPress Like in Vk.com plugin <= 0.5.2 - CSRF to Stored Cross-Site Scripting vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ilya Chekalskiy Like in Vk.com allows Stored XSS.This issue affects Like in Vk.com: from n/a through 0.5.2.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54423
WordPress Social Media Sharing plugin <= 1.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Jesse Overright Social Media Sharing allows Stored XSS.This issue affects Social Media Sharing: from n/a through 1.1.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54422
WordPress Evernote Sync plugin <= 3.0.0 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gaowei Tang Evernote Sync allows Reflected XSS.This issue affects Evernote Sync: from n/a through 3.0.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54421
WordPress Floating Video Player plugin <= 1.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Sanjay Singh Negi Floating Video Player allows Stored XSS.This issue affects Floating Video Player: from n/a through 1.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54420
WordPress Metrika plugin <= 1.2 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Aleksander Novikov Metrika allows Cross Site Request Forgery.This issue affects Metrika: from n/a through 1.2.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54416
WordPress Wp Login with Ajax plugin <= 0.6 - CSRF to Stored Cross-Site Scripting vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Navdeep Kumar Wp Login with Ajax allows Stored XSS.This issue affects Wp Login with Ajax: from n/a through 0.6.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)