Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-53760
WordPress Capitalize My Title WordPress plugin <= 0.5.3 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Capitalize My Title allows Stored XSS.This issue affects Capitalize My Title: from n/a through 0.5.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 2nd, 2024 (6 months ago)

CVE-2024-53752
WordPress Stripe Donation plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Berg Informatik Stripe Donation allows Stored XSS.This issue affects Stripe Donation: from n/a through 1.2.5.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 2nd, 2024 (6 months ago)

CVE-2024-53749
WordPress Post Carousel Slider for Elementor plugin <= 1.4.0 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Plugin Devs Post Carousel Slider for Elementor allows Stored XSS.This issue affects Post Carousel Slider for Elementor: from n/a through 1.4.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 2nd, 2024 (6 months ago)

CVE-2024-53748
WordPress WP Mermaid plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Terry Lin WP Mermaid allows Stored XSS.This issue affects WP Mermaid: from n/a through 1.0.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 2nd, 2024 (6 months ago)

CVE-2024-53747
WordPress Video Player for WPBakery plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NuttTaro Video Player for WPBakery allows Stored XSS.This issue affects Video Player for WPBakery: from n/a through 1.0.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 2nd, 2024 (6 months ago)

CVE-2024-53746
WordPress Elementor Button Plus plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FlickDevs Elementor Button Plus allows Stored XSS.This issue affects Elementor Button Plus: from n/a through 1.3.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 2nd, 2024 (6 months ago)

CVE-2024-53745
WordPress Social Sharing Buttons By Cosmos Farm plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 코스모스팜 – Cosmosfarm 소셜 공유 버튼 By 코스모스팜 allows Stored XSS.This issue affects 소셜 공유 버튼 By 코스모스팜: from n/a through 1.9.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 2nd, 2024 (6 months ago)

CVE-2024-53744
WordPress Elementor Image Gallery plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Skybootstrap Elementor Image Gallery Plugin allows Stored XSS.This issue affects Elementor Image Gallery Plugin: from n/a through 1.0.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 2nd, 2024 (6 months ago)

CVE-2024-53743
WordPress Countdown Timer for Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FlickDevs Countdown Timer for Elementor allows Stored XSS.This issue affects Countdown Timer for Elementor: from n/a through 1.3.6.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 2nd, 2024 (6 months ago)

CVE-2024-12007
code-projects Farmacia visualizar-produto.php sql injection
Description: A vulnerability, which was classified as critical, was found in code-projects Farmacia 1.0. This affects an unknown part of the file /visualizar-produto.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Es wurde eine kritische Schwachstelle in code-projects Farmacia 1.0 gefunden. Hiervon betroffen ist ein unbekannter Codeblock der Datei /visualizar-produto.php. Durch das Manipulieren des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung.

CVSS: MEDIUM (5.3)

EPSS Score: 0.06%

Source: CVE
December 2nd, 2024 (6 months ago)