Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-54426
WordPress LeaderBoard Plugin plugin <= 1.2.4 - CSRF to Stored Cross-Site Scripting vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Andy Fradelakis LeaderBoard Plugin allows Stored XSS.This issue affects LeaderBoard Plugin: from n/a through 1.2.4.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54425
WordPress LionScripts: Site Maintenance plugin <= 2.1 - CSRF to Stored Cross-Site Scripting vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in LionScripts.com LionScripts: Site Maintenance & Noindex Nofollow Plugin allows Stored XSS.This issue affects LionScripts: Site Maintenance & Noindex Nofollow Plugin: from n/a through 2.1.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54424
WordPress Like in Vk.com plugin <= 0.5.2 - CSRF to Stored Cross-Site Scripting vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ilya Chekalskiy Like in Vk.com allows Stored XSS.This issue affects Like in Vk.com: from n/a through 0.5.2.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54423
WordPress Social Media Sharing plugin <= 1.1 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Jesse Overright Social Media Sharing allows Stored XSS.This issue affects Social Media Sharing: from n/a through 1.1.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54422
WordPress Evernote Sync plugin <= 3.0.0 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gaowei Tang Evernote Sync allows Reflected XSS.This issue affects Evernote Sync: from n/a through 3.0.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54421
WordPress Floating Video Player plugin <= 1.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Sanjay Singh Negi Floating Video Player allows Stored XSS.This issue affects Floating Video Player: from n/a through 1.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54420
WordPress Metrika plugin <= 1.2 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Aleksander Novikov Metrika allows Cross Site Request Forgery.This issue affects Metrika: from n/a through 1.2.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54419
WordPress Ui Slider Filter By Price plugin <= 1.1 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Mansur Ahamed Ui Slider Filter By Price allows Cross Site Request Forgery.This issue affects Ui Slider Filter By Price: from n/a through 1.1.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54418
WordPress DTC Documents plugin <= 1.1.05 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Diversified Technology Corp., WPYog, and Gagan Deep Singh DTC Documents allows Cross Site Request Forgery.This issue affects DTC Documents: from n/a through 1.1.05.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54417
WordPress PixProof plugin <= 2.0.1 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Pixelgrade PixProof allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects PixProof: from n/a through 2.0.1.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)