Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-53714
WordPress Continue Shopping From Cart plugin <= 1.3 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Arrow Design Continue Shopping From Cart allows Stored XSS.This issue affects Continue Shopping From Cart: from n/a through 1.3.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2024-53713
WordPress Silverlight Video Player plugin <= 1.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Alain Diart for les-sushi-codeurs.fr & Eric Ambrosi for regart.net Silverlight Video Player allows Stored XSS.This issue affects Silverlight Video Player: from n/a through 1.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2024-53712
WordPress Kevin's plugin <= 2.0.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Kevin McCabe Kevin's allows Stored XSS.This issue affects Kevin's: from n/a through 2.0.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2024-53711
WordPress Hotlink2Watermark plugin <= 0.3.2 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Jean-Marc BIANCA Hotlink2Watermark allows Stored XSS.This issue affects Hotlink2Watermark: from n/a through 0.3.2.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2024-53710
WordPress ITERAS plugin <= 1.7.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in ITERAS ITERAS allows Stored XSS.This issue affects ITERAS: from n/a through 1.7.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2024-53709
WordPress Generic Elements plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bdevs Generic Elements allows DOM-Based XSS.This issue affects Generic Elements: from n/a through 1.2.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2024-53708
WordPress AI Quiz plugin <= 1.1 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in AutoQuiz AI Quiz allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects AI Quiz: from n/a through 1.1.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2024-53707
WordPress Ahmeti Wp Güzel Sözler plugin <= 4.0 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Ahmet İmamoğlu Ahmeti Wp Güzel Sözler allows Cross Site Request Forgery.This issue affects Ahmeti Wp Güzel Sözler: from n/a through 4.0.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2024-53623
Incorrect access control in the component l_0_0.xml of TP-Link ARCHER-C7 v5 allows attackers to access sensitive information.
Description: Incorrect access control in the component l_0_0.xml of TP-Link ARCHER-C7 v5 allows attackers to access sensitive information.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE
December 3rd, 2024 (5 months ago)

CVE-2024-53617
A Cross Site Scripting vulnerability in LibrePhotos before commit 32237 allows attackers to takeover any account via uploading an HTML file on...
Description: A Cross Site Scripting vulnerability in LibrePhotos before commit 32237 allows attackers to takeover any account via uploading an HTML file on behalf of the admin user using IDOR in file upload.

CVSS: LOW (0.0)

EPSS Score: 0.05%

Source: CVE
December 3rd, 2024 (5 months ago)