Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-12-06 CVE-2024-53797 Cross-site Scripting vulnerability in Fastlinemedia Beaver Builder
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Stored XSS.This issue affects Beaver Builder: from n/a through 2.8.4.3.
network
low complexity
fastlinemedia CWE-79
5.4
2024-12-06 CVE-2024-53801 Cross-site Scripting vulnerability in Bold-Themes Bold Page Builder
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 5.2.1.
network
low complexity
bold-themes CWE-79
5.4
2024-12-06 CVE-2024-53802 Cross-site Scripting vulnerability in Futuriowp Futurio Extra
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FuturioWP Futurio Extra allows Stored XSS.This issue affects Futurio Extra: from n/a through 2.0.14.
network
low complexity
futuriowp CWE-79
5.4
2024-12-06 CVE-2024-53803 Missing Authorization vulnerability in Wpmailster WP Mailster
Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through 1.8.16.0.
network
low complexity
wpmailster CWE-862
8.8
2024-12-06 CVE-2024-53804 Unspecified vulnerability in Wpmailster WP Mailster
Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through 1.8.16.0.
network
low complexity
wpmailster
7.5
2024-12-06 CVE-2024-53805 Unspecified vulnerability in Wpmailster WP Mailster
Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through 1.8.16.0.
network
low complexity
wpmailster
critical
9.8
2024-12-06 CVE-2024-53807 SQL Injection vulnerability in Wpmailster WP Mailster
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in brandtoss WP Mailster allows Blind SQL Injection.This issue affects WP Mailster: from n/a through 1.8.16.0.
network
low complexity
wpmailster CWE-89
critical
9.8
2024-12-06 CVE-2024-53808 SQL Injection vulnerability in Basixonline Nex-Forms
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms – Ultimate Form Builder allows SQL Injection.This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.7.8.
network
low complexity
basixonline CWE-89
7.2
2024-12-06 CVE-2024-53823 Cross-site Scripting vulnerability in Posimyth the Plus Addons for Elementor
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.6.14.
network
low complexity
posimyth CWE-79
5.4
2024-12-06 CVE-2024-54212 Cross-site Scripting vulnerability in Wpthemespace Magical Addons for Elementor
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor alam Magical Addons For Elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through 1.2.6.
network
low complexity
wpthemespace CWE-79
5.4