CVE-2024-54224 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuomodoSoft ElementsReady Addons for Elementor allows DOM-Based XSS.This issue affects ElementsReady Addons for Elementor: from n/a through 6.4.7.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
CVE-2024-54223 |
Description: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Contact Form - Repute InfoSystems ARForms Form Builder allows Code Injection.This issue affects ARForms Form Builder: from n/a through 1.7.1.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
CVE-2024-54220 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Roninwp FAT Services Booking allows Stored XSS.This issue affects FAT Services Booking: from n/a through 5.6.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
CVE-2024-54219 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thehp AIO Contact.This issue affects AIO Contact: from n/a through 2.8.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
CVE-2024-54218 |
Description: Missing Authorization vulnerability in Thehp AIO Contact.This issue affects AIO Contact: from n/a through 2.8.1.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
CVE-2024-54217 |
Description: Missing Authorization vulnerability in Repute info systems ARForms.This issue affects ARForms: from n/a through 6.4.1.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
CVE-2024-54216 |
Description: Path Traversal: '.../...//' vulnerability in Envato Security Team ARForms allows Path Traversal.This issue affects ARForms: from n/a through 6.4.1.
CVSS: HIGH (7.7) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
CVE-2024-54215 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Envato Security Team Revy.This issue affects Revy: from n/a through 1.18.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
CVE-2024-53822 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Genetech Pie Register Premium.This issue affects Pie Register Premium: from n/a before 3.8.3.3.
CVSS: CRITICAL (10.0) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|
CVE-2024-53819 |
Description: Missing Authorization vulnerability in Sprout Invoices Client Invoicing by Sprout Invoices.This issue affects Client Invoicing by Sprout Invoices: from n/a through 20.8.0.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
December 10th, 2024 (4 months ago)
|