| 2024-10-16 | CVE-2024-49265 | Cross-site Scripting vulnerability in Booking Banner Creator
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Partnerships at Booking.Com Booking.Com Banner Creator allows Stored XSS.This issue affects Booking.Com Banner Creator: from n/a through 1.4.6. | 5.4 |
| 2024-10-16 | CVE-2024-49268 | Cross-site Scripting vulnerability in Sunburntkamel Disconnected
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in sunburntkamel disconnected allows Reflected XSS.This issue affects disconnected: from n/a through 1.3.0. | 6.1 |
| 2024-10-16 | CVE-2024-8921 | The Zita Elementor Site Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. | 6.4 |
| 2024-10-16 | CVE-2024-9444 | The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 6.4.3 due to insufficient input sanitization and output escaping. | 6.4 |
| 2024-10-16 | CVE-2017-20193 | Cross-site Scripting vulnerability in WOO Product Vendors
The Product Vendors is vulnerable to Reflected Cross-Site Scripting via the 'vendor_description' parameter in versions up to, and including, 2.0.35 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-10-16 | CVE-2021-4452 | Cross-site Scripting vulnerability in Gtranslate Google Language Translator
The Google Language Translator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via multiple parameters in versions up to, and including, 6.0.9 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-10-16 | CVE-2023-7295 | The Video Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term parameter in versions up to, and including, 1.21 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-10-16 | CVE-2024-45714 | Cross-site Scripting vulnerability in Solarwinds Serv-U
Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users’ permissions can modify a variable with a payload. | 4.1 |
| 2024-10-16 | CVE-2024-45715 | Cross-site Scripting vulnerability in Solarwinds Platform
The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an edit function to existing elements. | 6.1 |
| 2024-10-16 | CVE-2017-20192 | The Formidable Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters submitted during form entries like 'after_html' in versions before 2.05.03 due to insufficient input sanitization and output escaping. | 8.3 |