Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-04 | CVE-2024-51680 | Cross-site Scripting vulnerability in Crestaproject Cresta Addons for Elementor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CrestaProject – Rizzo Andrea Cresta Addons for Elementor allows Stored XSS.This issue affects Cresta Addons for Elementor: from n/a through 1.0.9. | 5.4 |
| 2024-11-04 | CVE-2024-51681 | Cross-site Scripting vulnerability in Coderevolution WP Pocket Urls 1.0.0/1.0.2 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodeRevolution WP Pocket URLs allows Stored XSS.This issue affects WP Pocket URLs: from n/a through 1.0.3. | 5.4 |
| 2024-11-04 | CVE-2024-51682 | Cross-site Scripting vulnerability in Hasthemes HT Builder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HasThemes HT Builder – WordPress Theme Builder for Elementor allows Stored XSS.This issue affects HT Builder – WordPress Theme Builder for Elementor: from n/a through 1.3.0. | 5.4 |
| 2024-11-04 | CVE-2024-51683 | Cross-site Scripting vulnerability in Migaweb Custom Post Type Templates for Elementor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Gangolf Custom post type templates for Elementor allows Stored XSS.This issue affects Custom post type templates for Elementor: from n/a through 1.10.1. | 5.4 |
| 2024-11-04 | CVE-2024-51685 | Cross-site Scripting vulnerability in Migaweb Accordion Title for Elementor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Gangolf Accordion title for Elementor allows Stored XSS.This issue affects Accordion title for Elementor: from n/a through 1.2.1. | 4.8 |
| 2024-11-04 | CVE-2024-45164 | Incorrect Authorization vulnerability in Akamai Secure Internet Access Enterprise Threatavert 19.2.0.2 Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization Services) before the latest 19.2.0 patch and Apps Portal before 19.2.0.3 or 19.2.0.20240814, has incorrect authorization controls for the Admin functionality on the ThreatAvert Policy page. | 7.1 |
| 2024-11-04 | CVE-2024-50523 | Unrestricted Upload of File with Dangerous Type vulnerability in Rainbow-Link ALL Post Contact Form Unrestricted Upload of File with Dangerous Type vulnerability in RainbowLink Inc. | 9.8 |
| 2024-11-04 | CVE-2024-50525 | Unrestricted Upload of File with Dangerous Type vulnerability in Helloprint Unrestricted Upload of File with Dangerous Type vulnerability in Helloprint Plug your WooCommerce into the largest catalog of customized print products from Helloprint allows Upload a Web Shell to a Web Server.This issue affects Plug your WooCommerce into the largest catalog of customized print products from Helloprint: from n/a through 2.0.2. | 9.8 |
| 2024-11-04 | CVE-2024-50526 | Unrestricted Upload of File with Dangerous Type vulnerability in Lindeni Multi Purpose Mail Form Unrestricted Upload of File with Dangerous Type vulnerability in mahlamusa Multi Purpose Mail Form allows Upload a Web Shell to a Web Server.This issue affects Multi Purpose Mail Form: from n/a through 1.0.2. | 9.8 |
| 2024-11-04 | CVE-2024-50527 | Unrestricted Upload of File with Dangerous Type vulnerability in Stacksmarket Stacks Mobile APP Builder Unrestricted Upload of File with Dangerous Type vulnerability in Stacks Stacks Mobile App Builder allows Upload a Web Shell to a Web Server.This issue affects Stacks Mobile App Builder: from n/a through 5.2.3. | 9.8 |