Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-04 | CVE-2024-10765 | Unrestricted Upload of File with Dangerous Type vulnerability in Codezips Online Institute Management System 1.0 A vulnerability classified as critical was found in Codezips Online Institute Management System up to 1.0. | 9.8 |
| 2024-11-04 | CVE-2024-51626 | SQL Injection vulnerability in Mansurahamed Woocommerce Quote Calculator Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mansur Ahamed Woocommerce Quote Calculator allows Blind SQL Injection.This issue affects Woocommerce Quote Calculator: from n/a through 1.1. | 8.8 |
| 2024-11-04 | CVE-2024-51677 | Cross-site Scripting vulnerability in Webberzone Knowledge Base Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WebberZone Knowledge Base allows Stored XSS.This issue affects Knowledge Base: from n/a through 2.2.0. | 5.4 |
| 2024-11-04 | CVE-2024-51678 | Cross-site Scripting vulnerability in Timelord ELO Rating Shortcode Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Marcel Pol Elo Rating Shortcode allows Stored XSS.This issue affects Elo Rating Shortcode: from n/a through 1.0.3. | 5.4 |
| 2024-11-04 | CVE-2024-51680 | Cross-site Scripting vulnerability in Crestaproject Cresta Addons for Elementor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CrestaProject – Rizzo Andrea Cresta Addons for Elementor allows Stored XSS.This issue affects Cresta Addons for Elementor: from n/a through 1.0.9. | 5.4 |
| 2024-11-04 | CVE-2024-51681 | Cross-site Scripting vulnerability in Coderevolution WP Pocket Urls 1.0.0/1.0.2 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodeRevolution WP Pocket URLs allows Stored XSS.This issue affects WP Pocket URLs: from n/a through 1.0.3. | 5.4 |
| 2024-11-04 | CVE-2024-51682 | Cross-site Scripting vulnerability in Hasthemes HT Builder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes HT Builder – WordPress Theme Builder for Elementor allows Stored XSS.This issue affects HT Builder – WordPress Theme Builder for Elementor: from n/a through 1.3.0. | 5.4 |
| 2024-11-04 | CVE-2024-51683 | Cross-site Scripting vulnerability in Migaweb Custom Post Type Templates for Elementor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Gangolf Custom post type templates for Elementor allows Stored XSS.This issue affects Custom post type templates for Elementor: from n/a through 1.10.1. | 5.4 |
| 2024-11-04 | CVE-2024-51685 | Cross-site Scripting vulnerability in Migaweb Accordion Title for Elementor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Gangolf Accordion title for Elementor allows Stored XSS.This issue affects Accordion title for Elementor: from n/a through 1.2.1. | 4.8 |
| 2024-11-04 | CVE-2024-45164 | Incorrect Authorization vulnerability in Akamai Secure Internet Access Enterprise Threatavert 19.2.0.2 Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization Services) before the latest 19.2.0 patch and Apps Portal before 19.2.0.3 or 19.2.0.20240814, has incorrect authorization controls for the Admin functionality on the ThreatAvert Policy page. | 7.1 |