Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-54209 |
WordPress Awesome Shortcodes plugin <= 1.7.2 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Awesome Shortcodes allows Reflected XSS.This issue affects Awesome Shortcodes: from n/a through 1.7.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-54208 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joni Halabi Block Controller allows Reflected XSS.This issue affects Block Controller: from n/a through 1.4.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-54207 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Owen Cutajar & Hyder Jaffari WordPress Auction Plugin allows Stored XSS.This issue affects WordPress Auction Plugin: from n/a through 3.7.
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-54206 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in URBAN BASE Z-Downloads allows Stored XSS.This issue affects Z-Downloads: from n/a through 1.11.7.
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-54205 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Paloma Paloma Widget allows Cross Site Request Forgery.This issue affects Paloma Widget: from n/a through 1.14.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53826 |
Description: Missing Authorization vulnerability in WPSight WPCasa allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPCasa: from n/a through 1.2.13.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53825 |
Description: Missing Authorization vulnerability in Ninja Team Filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through 6.3.2.
CVSS: MEDIUM (4.7) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53824 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AREOI All Bootstrap Blocks allows PHP Local File Inclusion.This issue affects All Bootstrap Blocks: from n/a through 1.3.19.
CVSS: HIGH (7.5) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53823 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.6.14.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53821 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pie Register Premium allows Reflected XSS.This issue affects Pie Register Premium: from n/a through n/a.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|