Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-14 | CVE-2024-5465 | Unspecified vulnerability in Huawei Emui and Harmonyos Function vulnerabilities in the Calendar module Impact: Successful exploitation of this vulnerability will affect availability. | 5.5 |
2024-06-14 | CVE-2024-5994 | The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Custom JS option in versions up to, and including, 9.0.38. network low complexity | 6.4 |
2024-06-14 | CVE-2023-51377 | Missing Authorization vulnerability in Wpeverest Everest Forms Missing Authorization vulnerability in WPEverest Everest Forms.This issue affects Everest Forms: from n/a through 2.0.3. | 5.3 |
2024-06-14 | CVE-2023-51495 | Missing Authorization vulnerability in Woocommerce Returns and Warranty Requests Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7. | 6.5 |
2024-06-14 | CVE-2023-51496 | Missing Authorization vulnerability in Woocommerce Returns and Warranty Requests Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7. | 5.3 |
2024-06-14 | CVE-2023-51497 | Missing Authorization vulnerability in Woocommerce Shipping multiple Addresses Missing Authorization vulnerability in Woo WooCommerce Ship to Multiple Addresses.This issue affects WooCommerce Ship to Multiple Addresses: from n/a through 3.8.9. | 5.4 |
2024-06-14 | CVE-2024-1295 | Unspecified vulnerability in TRI the Events Calendar The events-calendar-pro WordPress plugin before 6.4.0.1, The Events Calendar WordPress plugin before 6.4.0.1 does not prevent users with at least the contributor role from leaking details about events they shouldn't have access to. | 6.5 |
2024-06-14 | CVE-2024-23504 | Missing Authorization vulnerability in Wpmanageninja Ninja Tables Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.5. | 5.3 |
2024-06-14 | CVE-2024-2122 | Cross-site Scripting vulnerability in Fooplugins Foogallery The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via album gallery custom URLs in all versions up to, and including, 2.4.15 due to insufficient input sanitization and output escaping. | 5.4 |
2024-06-14 | CVE-2024-3966 | Cross-site Scripting vulnerability in Projectcaruso Pray for ME 1.0.4 The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripting attacks that trigger when an admin visits the Prayer Requests in the WP Admin | 6.1 |