Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-12-06 CVE-2024-53802 Cross-site Scripting vulnerability in Futuriowp Futurio Extra
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FuturioWP Futurio Extra allows Stored XSS. This issue affects Futurio Extra: from n/a through 2.0.14.
network
low complexity
futuriowp CWE-79
5.4
2024-12-06 CVE-2024-53803 Missing Authorization vulnerability in Wpmailster WP Mailster
Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Mailster: from n/a through 1.8.16.0.
network
low complexity
wpmailster CWE-862
8.8
2024-12-06 CVE-2024-53804 Unspecified vulnerability in Wpmailster WP Mailster
Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data. This issue affects WP Mailster: from n/a through 1.8.16.0.
network
low complexity
wpmailster
7.5
2024-12-06 CVE-2024-53805 Unspecified vulnerability in Wpmailster WP Mailster
Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Mailster: from n/a through 1.8.16.0.
network
low complexity
wpmailster
critical
9.8
2024-12-06 CVE-2024-53807 SQL Injection vulnerability in Wpmailster WP Mailster
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in brandtoss WP Mailster allows Blind SQL Injection. This issue affects WP Mailster: from n/a through 1.8.16.0.
network
low complexity
wpmailster CWE-89
critical
9.8
2024-12-06 CVE-2024-53808 SQL Injection vulnerability in Basixonline Nex-Forms
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms – Ultimate Form Builder allows SQL Injection. This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.7.8.
network
low complexity
basixonline CWE-89
7.2
2024-12-06 CVE-2024-53823 Cross-site Scripting vulnerability in Posimyth the Plus Addons for Elementor
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS. This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.6.14.
network
low complexity
posimyth CWE-79
5.4
2024-12-06 CVE-2024-54212 Cross-site Scripting vulnerability in Wpthemespace Magical Addons for Elementor
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor alam Magical Addons For Elementor allows Stored XSS. This issue affects Magical Addons For Elementor: from n/a through 1.2.6.
network
low complexity
wpthemespace CWE-79
5.4
2024-12-06 CVE-2024-11729 SQL Injection vulnerability in Iqonic Kivicare
The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the 'service_list[0][service_id]' parameter of the get_widget_payment_options AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
iqonic CWE-89
6.5
2024-12-06 CVE-2024-11730 SQL Injection vulnerability in Iqonic Kivicare
The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the 'sort[]' parameter of the static_data_list AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
iqonic CWE-89
6.5