CVE-2024-54362 |
Description: Path Traversal vulnerability in NotFound GetShop ecommerce allows Path Traversal. This issue affects GetShop ecommerce: from n/a through 1.3.
CVSS: HIGH (8.1) EPSS Score: 0.06%
March 28th, 2025 (4 months ago)
|
CVE-2024-54291 |
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound PluginPass allows Manipulating Web Input to File System Calls. This issue affects PluginPass: from n/a through 0.9.10.
CVSS: HIGH (8.6) EPSS Score: 0.06%
March 28th, 2025 (4 months ago)
|
CVE-2024-51624 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jajapagamentos Já-Já Pagamentos for WooCommerce allows Reflected XSS. This issue affects Já-Já Pagamentos for WooCommerce: from n/a through 1.3.0.
CVSS: HIGH (7.1) EPSS Score: 0.04%
March 28th, 2025 (4 months ago)
|
CVE-2024-0904 |
Description: The Fancy Product Designer WordPress plugin before 6.1.81 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
EPSS Score: 0.47% SSVC Exploitation: none
March 28th, 2025 (4 months ago)
|
CVE-2025-31474 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in matthewprice1178 WP Database Optimizer allows Cross Site Request Forgery. This issue affects WP Database Optimizer: from n/a through 1.2.1.3.
CVSS: MEDIUM (4.3) EPSS Score: 0.02%
March 28th, 2025 (4 months ago)
|
CVE-2025-31473 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matthewprice1178 WP Database Optimizer allows Stored XSS. This issue affects WP Database Optimizer: from n/a through 1.2.1.3.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 28th, 2025 (4 months ago)
|
CVE-2025-31472 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michele Marri Flatty allows Stored XSS. This issue affects Flatty: from n/a through 2.0.0.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 28th, 2025 (4 months ago)
|
CVE-2025-31471 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Falcon Solutions Duplicate Page and Post allows Stored XSS. This issue affects Duplicate Page and Post: from n/a through 1.0.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 28th, 2025 (4 months ago)
|
CVE-2025-31470 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FancyThemes Page Takeover allows Stored XSS. This issue affects Page Takeover: from n/a through 1.1.6.
CVSS: MEDIUM (5.9) EPSS Score: 0.03%
March 28th, 2025 (4 months ago)
|
CVE-2025-31469 |
Description: Missing Authorization vulnerability in webrangers Clear Sucuri Cache allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Clear Sucuri Cache: from n/a through 1.4.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
March 28th, 2025 (4 months ago)
|