Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-29 | CVE-2024-43953 | Cross-site Scripting vulnerability in Wpbakery Page Builder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Classic Addons Classic Addons – WPBakery Page Builder allows Stored XSS.This issue affects Classic Addons – WPBakery Page Builder: from n/a through 3.0. | 5.4 |
2024-08-29 | CVE-2024-43958 | Cross-site Scripting vulnerability in Gianniporto Intothedark Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gianni Porto IntoTheDark allows Reflected XSS.This issue affects IntoTheDark: from n/a through 1.0.5. | 6.1 |
2024-08-29 | CVE-2024-43960 | Cross-site Scripting vulnerability in Pagebuilderaddons web and Woocommerce Addons for Wpbakery Builder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Page Builder Addons Web and WooCommerce Addons for WPBakery Builder allows Stored XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.4.6. | 4.8 |
2024-08-29 | CVE-2024-43961 | Cross-site Scripting vulnerability in Azurecurve Toggle Show/Hide Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in azurecurve azurecurve Toggle Show/Hide allows Stored XSS.This issue affects azurecurve Toggle Show/Hide: from n/a through 2.1.3. | 5.4 |
2024-08-29 | CVE-2024-43963 | Cross-site Scripting vulnerability in Waspthemes Yellowpencil Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WaspThemes YellowPencil Visual CSS Style Editor allows Reflected XSS.This issue affects YellowPencil Visual CSS Style Editor: from n/a through 7.6.1. | 6.1 |
2024-08-29 | CVE-2024-43964 | Cross-site Scripting vulnerability in Dsgvo-For-Wp Dsgvo ALL in ONE for WP Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Leithold DSGVO All in one for WP allows Stored XSS.This issue affects DSGVO All in one for WP: from n/a through 4.5. | 5.4 |
2024-08-29 | CVE-2024-44716 | Cross-site Scripting vulnerability in Dedebiz 6.3.0 A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | 6.1 |
2024-08-29 | CVE-2024-44717 | Cross-site Scripting vulnerability in Dedebiz 6.3.0 A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | 6.1 |
2024-08-29 | CVE-2024-44776 | Open Redirect vulnerability in Vtiger CRM 7.4.0 An Open Redirect vulnerability in the page parameter of vTiger CRM v7.4.0 allows attackers to redirect users to a malicious site via a crafted URL. | 6.1 |
2024-08-29 | CVE-2024-44930 | Unspecified vulnerability in Serilog-Contrib Serilog-Enrichers-Clientinfo Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests. | 6.5 |