Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-20 | CVE-2024-6932 | Cross-site Scripting vulnerability in Classcms Project Classcms 4.5 A vulnerability was found in ClassCMS 4.5. | 5.4 |
| 2024-07-20 | CVE-2024-37954 | Cross-site Scripting vulnerability in Marcelotorres Simple Responsive Slider Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in marcelotorres Simple Responsive Slider allows Reflected XSS.This issue affects Simple Responsive Slider: from n/a through 0.2.2.5. | 6.1 |
| 2024-07-20 | CVE-2024-37955 | Cross-site Scripting vulnerability in Makegutenblock Gutslider Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zakaria Binsaifullah GutSlider – All in One Block Slider allows Stored XSS.This issue affects GutSlider – All in One Block Slider: from n/a through 2.7.3. | 5.4 |
| 2024-07-20 | CVE-2024-37956 | Cross-site Scripting vulnerability in Vektor-Inc VK ALL in ONE Expansion Unit Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Vektor,Inc. | 5.4 |
| 2024-07-20 | CVE-2024-37957 | Cross-site Scripting vulnerability in Bradmax Player Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bradmax Bradmax Player allows Stored XSS.This issue affects Bradmax Player: from n/a through 1.1.27. | 5.4 |
| 2024-07-20 | CVE-2024-37958 | Cross-site Scripting vulnerability in Mekshq Meks Smart Author Widget Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Meks Meks Smart Author Widget allows Stored XSS.This issue affects Meks Smart Author Widget: from n/a through 1.1.4. | 5.4 |
| 2024-07-20 | CVE-2024-37959 | Cross-site Scripting vulnerability in Atlaspolicy Power BI Embedded Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Atlas Public Policy Power BI Embedded for WordPress allows Stored XSS.This issue affects Power BI Embedded for WordPress: from n/a through 1.1.7. | 5.4 |
| 2024-07-20 | CVE-2024-6489 | The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the get_google_api_key function in all versions up to, and including, 2.0.10. network low complexity | 5.3 |
| 2024-07-20 | CVE-2024-6491 | The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the mailchimp_api_key_manage function in all versions up to, and including, 2.0.10. network low complexity | 4.3 |
| 2024-07-20 | CVE-2024-40347 | Cross-site Scripting vulnerability in Hyland Alfresco Content Services 7.2.0 A reflected cross-site scripting (XSS) vulnerability in Hyland Alfresco Platform 23.2.1-r96 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the parameter htmlid. | 6.1 |