Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-10-30 CVE-2024-10399 The Download Monitor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_search_users function in all versions up to, and including, 5.0.13.
network
low complexity
CWE-862
4.3
2024-10-30 CVE-2024-8871 The Pricing Tables WordPress Plugin – Easy Pricing Tables plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.2.5.
network
low complexity
CWE-79
6.1
2024-10-30 CVE-2023-5816 Unspecified vulnerability in Bowo Code Explorer
The Code Explorer plugin for WordPress is vulnerable to arbitrary external file reading in all versions up to, and including, 1.4.5.
network
low complexity
bowo
4.9
2024-10-30 CVE-2024-10506 SQL Injection vulnerability in Fabianros Blood Bank Management System 1.0
A vulnerability classified as critical has been found in code-projects Blood Bank System 1.0.
network
low complexity
fabianros CWE-89
7.2
2024-10-30 CVE-2024-10507 SQL Injection vulnerability in Codezips Free Exam Hall Seating Management System 1.0
A vulnerability classified as critical was found in Codezips Free Exam Hall Seating Management System 1.0.
network
low complexity
codezips CWE-89
critical
9.8
2024-10-30 CVE-2024-10509 SQL Injection vulnerability in Codezips Online Institute Management System 1.0
A vulnerability, which was classified as critical, has been found in Codezips Online Institute Management System 1.0.
network
low complexity
codezips CWE-89
critical
9.8
2024-10-30 CVE-2024-8627 Cross-site Scripting vulnerability in Joshlobe Ultimate Tinymce
The Ultimate TinyMCE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'field' shortcode in all versions up to, and including, 5.7 due to insufficient input sanitization and output escaping.
network
low complexity
joshlobe CWE-79
5.4
2024-10-30 CVE-2024-8792 Cross-site Scripting vulnerability in Markjaquith Subscribe to Comments
The Subscribe to Comments plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.3.
network
low complexity
markjaquith CWE-79
6.1
2024-10-30 CVE-2024-9846 Code Injection vulnerability in Aftabhusain Enable Shortcodes Inside Widgets,Comments and Experts
The Enable Shortcodes inside Widgets,Comments and Experts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.0.
network
low complexity
aftabhusain CWE-94
7.3
2024-10-30 CVE-2024-9884 The T(-) Countdown plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tminus' shortcode in all versions up to, and including, 2.4.8 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4