Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-54345
WordPress Bicycleshop theme <= 1.5 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SKT Themes Bicycleshop allows DOM-Based XSS.This issue affects Bicycleshop: from n/a through 1.5.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54338
WordPress Hello Event Widgets For Elementor plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Christer Fernstrom Hello Event Widgets For Elementor allows DOM-Based XSS.This issue affects Hello Event Widgets For Elementor: from n/a through 1.0.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54334
WordPress Quran Phrases About Most People Shortcodes plugin <= 1.4 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zeshan B Quran Phrases About Most People Shortcodes allows DOM-Based XSS.This issue affects Quran Phrases About Most People Shortcodes: from n/a through 1.4.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54326
WordPress GEO my WP plugin <= 4.5.0.4 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Eyal Fitoussi GEO my WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GEO my WordPress: from n/a through 4.5.0.4.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54323
WordPress New User Approve plugin <= 2.6.2 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in WPExpertsio New User Approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through 2.6.2.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54321
WordPress Hive Support plugin <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Hive Support Hive Support – WordPress Help Desk allows Cross Site Request Forgery.This issue affects Hive Support – WordPress Help Desk: from n/a through 1.1.2.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54318
WordPress NiceJob plugin <= 3.6.5 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicejob NiceJob allows Stored XSS.This issue affects NiceJob: from n/a through 3.6.5.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54317
WordPress Web Stories plugin <= 1.37.0 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Google Web Stories allows Stored XSS.This issue affects Web Stories: from n/a through 1.37.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54316
WordPress Restaurant & Cafe Addon for Elementor plugin <= 1.5.8 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NicheAddons Restaurant & Cafe Addon for Elementor allows DOM-Based XSS.This issue affects Restaurant & Cafe Addon for Elementor: from n/a through 1.5.8.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54315
WordPress Events Addon for Elementor plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NicheAddons Events Addon for Elementor allows DOM-Based XSS.This issue affects Events Addon for Elementor: from n/a through 2.2.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)