Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-54323
WordPress New User Approve plugin <= 2.6.2 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in WPExpertsio New User Approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through 2.6.2.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54322
WordPress Media Downloader plugin <= 0.4.7.4 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ederson Peka Media Downloader allows Reflected XSS.This issue affects Media Downloader: from n/a through 0.4.7.4.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54321
WordPress Hive Support plugin <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Hive Support Hive Support – WordPress Help Desk allows Cross Site Request Forgery.This issue affects Hive Support – WordPress Help Desk: from n/a through 1.1.2.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54320
WordPress ICDSoft Reseller Store plugin<= 2.4.5 -Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ICDSoft Hosting ICDSoft Reseller Store allows Reflected XSS.This issue affects ICDSoft Reseller Store: from n/a through 2.4.5.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54319
WordPress Kundgenerator plugin <= 1.0.6 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MultiNet Interactive AB Kundgenerator allows Reflected XSS.This issue affects Kundgenerator: from n/a through 1.0.6.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54318
WordPress NiceJob plugin <= 3.6.5 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicejob NiceJob allows Stored XSS.This issue affects NiceJob: from n/a through 3.6.5.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54317
WordPress Web Stories plugin <= 1.37.0 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Google Web Stories allows Stored XSS.This issue affects Web Stories: from n/a through 1.37.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54316
WordPress Restaurant & Cafe Addon for Elementor plugin <= 1.5.8 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NicheAddons Restaurant & Cafe Addon for Elementor allows DOM-Based XSS.This issue affects Restaurant & Cafe Addon for Elementor: from n/a through 1.5.8.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54315
WordPress Events Addon for Elementor plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NicheAddons Events Addon for Elementor allows DOM-Based XSS.This issue affects Events Addon for Elementor: from n/a through 2.2.2.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)

CVE-2024-54314
WordPress Primary Addon for Elementor plugin <= 1.6.0 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NicheAddons Primary Addon for Elementor allows Stored XSS.This issue affects Primary Addon for Elementor: from n/a through 1.6.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 14th, 2024 (4 months ago)