Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-54254 |
WordPress Message Filter for Contact Form 7 plugin <= 1.6.3 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in Kofi Mokome Message Filter for Contact Form 7.This issue affects Message Filter for Contact Form 7: from n/a through 1.6.3.
CVSS: MEDIUM (6.3) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-54253 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS.This issue affects Xpro Elementor Addons: from n/a through 1.4.6.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-54251 |
Description: Missing Authorization vulnerability in Prodigy Commerce Prodigy Commerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Prodigy Commerce: from n/a through 3.0.9.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-54247 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ABCBiz ABCBiz Addons and Templates for Elementor allows Stored XSS.This issue affects ABCBiz Addons and Templates for Elementor: from n/a through 2.0.2.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-54232 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rrdevs RRAddons for Elementor allows Stored XSS.This issue affects RRAddons for Elementor: from n/a through 1.1.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-54230 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPRealizer Unlock Addons for Elementor allows DOM-Based XSS.This issue affects Unlock Addons for Elementor: from n/a through 1.0.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-54228 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebOccult Technologies Pvt Ltd Wot Elementor Widgets allows DOM-Based XSS.This issue affects Wot Elementor Widgets: from n/a through 1.0.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-54227 |
Description: Missing Authorization vulnerability in theDotstore Minimum and Maximum Quantity for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Minimum and Maximum Quantity for WooCommerce: from n/a through 2.0.0.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-54226 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Karl Kiesinger Country Blocker allows Stored XSS.This issue affects Country Blocker: from n/a through 3.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
|
CVE-2024-54225 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in CodegearThemes Designer allows PHP Local File Inclusion.This issue affects Designer: from n/a through 1.3.3.
CVSS: HIGH (7.5) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|