Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-29	CVE-2024-43953	Cross-site Scripting vulnerability in Wpbakery Page Builder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Classic Addons Classic Addons – WPBakery Page Builder allows Stored XSS.This issue affects Classic Addons – WPBakery Page Builder: from n/a through 3.0. network low complexity wpbakery CWE-79	5.4
2024-08-29	CVE-2024-43958	Cross-site Scripting vulnerability in Gianniporto Intothedark Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gianni Porto IntoTheDark allows Reflected XSS.This issue affects IntoTheDark: from n/a through 1.0.5. network low complexity gianniporto CWE-79	6.1
2024-08-29	CVE-2024-43960	Cross-site Scripting vulnerability in Pagebuilderaddons web and Woocommerce Addons for Wpbakery Builder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Page Builder Addons Web and WooCommerce Addons for WPBakery Builder allows Stored XSS.This issue affects Web and WooCommerce Addons for WPBakery Builder: from n/a through 1.4.6. network low complexity pagebuilderaddons CWE-79	4.8
2024-08-29	CVE-2024-43961	Cross-site Scripting vulnerability in Azurecurve Toggle Show/Hide Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in azurecurve azurecurve Toggle Show/Hide allows Stored XSS.This issue affects azurecurve Toggle Show/Hide: from n/a through 2.1.3. network low complexity azurecurve CWE-79	5.4
2024-08-29	CVE-2024-43963	Cross-site Scripting vulnerability in Waspthemes Yellowpencil Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WaspThemes YellowPencil Visual CSS Style Editor allows Reflected XSS.This issue affects YellowPencil Visual CSS Style Editor: from n/a through 7.6.1. network low complexity waspthemes CWE-79	6.1
2024-08-29	CVE-2024-43964	Cross-site Scripting vulnerability in Dsgvo-For-Wp Dsgvo ALL in ONE for WP Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Leithold DSGVO All in one for WP allows Stored XSS.This issue affects DSGVO All in one for WP: from n/a through 4.5. network low complexity dsgvo-for-wp CWE-79	5.4
2024-08-29	CVE-2024-44716	Cross-site Scripting vulnerability in Dedebiz 6.3.0 A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. network low complexity dedebiz CWE-79	6.1
2024-08-29	CVE-2024-44717	Cross-site Scripting vulnerability in Dedebiz 6.3.0 A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. network low complexity dedebiz CWE-79	6.1
2024-08-29	CVE-2024-44776	Open Redirect vulnerability in Vtiger CRM 7.4.0 An Open Redirect vulnerability in the page parameter of vTiger CRM v7.4.0 allows attackers to redirect users to a malicious site via a crafted URL. network low complexity vtiger CWE-601	6.1
2024-08-29	CVE-2024-44930	Unspecified vulnerability in Serilog-Contrib Serilog-Enrichers-Clientinfo Serilog before v2.1.0 was discovered to contain a Client IP Spoofing vulnerability, which allows attackers to falsify their IP addresses by specifying an arbitrary IP as a value of X-Forwarded-For or Client-Ip headers while performing HTTP requests. network low complexity serilog-contrib	6.5

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium