Total
26633 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-32530 | 2024-04-17 | N/A | 6.5 MEDIUM | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PressTigers Simple Testimonials Showcase allows Stored XSS.This issue affects Simple Testimonials Showcase: from n/a through 1.1.5. | |||||
CVE-2024-32508 | 2024-04-17 | N/A | 6.5 MEDIUM | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in deTheme DethemeKit For Elementor allows Stored XSS.This issue affects DethemeKit For Elementor: from n/a through 2.0.2. | |||||
CVE-2024-32527 | 2024-04-17 | N/A | 6.5 MEDIUM | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jotform Jotform Online Forms allows Stored XSS.This issue affects Jotform Online Forms: from n/a through 1.3.1. | |||||
CVE-2024-32505 | 2024-04-17 | N/A | 6.5 MEDIUM | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wpmet Elements kit Elementor addons allows Stored XSS.This issue affects Elements kit Elementor addons: from n/a through 3.0.6. | |||||
CVE-2024-32531 | 2024-04-17 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Everest themes GuCherry Blog allows Reflected XSS.This issue affects GuCherry Blog: from n/a through 1.1.8. | |||||
CVE-2024-32535 | 2024-04-17 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jojaba Access Category Password allows Reflected XSS.This issue affects Access Category Password: from n/a through 1.5.1. | |||||
CVE-2024-32536 | 2024-04-17 | N/A | 6.5 MEDIUM | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Trade Pips WP TradingView allows Stored XSS.This issue affects WP TradingView: from n/a through 1.7. | |||||
CVE-2024-32528 | 2024-04-17 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seerox WP Dynamic Keywords Injector allows Reflected XSS.This issue affects WP Dynamic Keywords Injector: from n/a through 2.3.18. | |||||
CVE-2024-32548 | 2024-04-17 | N/A | 5.9 MEDIUM | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hideki Tanaka What's New Generator allows Stored XSS.This issue affects What's New Generator: from n/a through 2.0.2. | |||||
CVE-2024-32130 | 2024-04-17 | N/A | 6.5 MEDIUM | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paystack Payment Forms for Paystack allows Stored XSS.This issue affects Payment Forms for Paystack: from n/a through 3.4.1. | |||||
CVE-2024-32539 | 2024-04-17 | N/A | 6.5 MEDIUM | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JoomUnited WP File Download Light allows Stored XSS.This issue affects WP File Download Light: from n/a through 1.3.3. | |||||
CVE-2024-32540 | 2024-04-17 | N/A | 5.9 MEDIUM | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Web357 Fixed HTML Toolbar allows Stored XSS.This issue affects Fixed HTML Toolbar: from n/a through 1.0.7. | |||||
CVE-2024-32541 | 2024-04-17 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tobias Battenberg WP-Cufon allows Stored XSS.This issue affects WP-Cufon: from n/a through 1.6.10. | |||||
CVE-2024-32457 | 2024-04-17 | N/A | 6.5 MEDIUM | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The CSSIgniter Team Elements Plus! allows Stored XSS.This issue affects Elements Plus!: from n/a through 2.16.3. | |||||
CVE-2024-32526 | 2024-04-17 | N/A | 6.5 MEDIUM | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Flector Easy Textillate allows Stored XSS.This issue affects Easy Textillate: from n/a through 2.02. | |||||
CVE-2024-32545 | 2024-04-17 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Canva Canva – Design beautiful blog graphics allows Reflected XSS.This issue affects Canva – Design beautiful blog graphics: from n/a through 1.2.4. | |||||
CVE-2024-32544 | 2024-04-17 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Netgsm allows Reflected XSS.This issue affects Netgsm: from n/a through 2.8. | |||||
CVE-2024-32542 | 2024-04-17 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Organic Themes Bulk Block Converter allows Reflected XSS.This issue affects Bulk Block Converter: from n/a through 1.0.1. | |||||
CVE-2024-0948 | 1 Netbox | 1 Netbox | 2024-04-16 | 3.3 LOW | 6.1 MEDIUM |
** DISPUTED ** A vulnerability, which was classified as problematic, has been found in NetBox up to 3.7.0. This issue affects some unknown processing of the file /core/config-revisions of the component Home Page Configuration. The manipulation with the input <<h1 onload=alert(1)>>test</h1> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The associated identifier of this vulnerability is VDB-252191. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
CVE-2024-32557 | 2024-04-16 | N/A | 6.5 MEDIUM | ||
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Exclusive Addons Exclusive Addons Elementor allows Stored XSS.This issue affects Exclusive Addons Elementor: from n/a through 2.6.9.2. |