The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2024-32746 | A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the MENU parameter under the Menu module. | -- | Apr 18, 2024 |
CVE-2024-32745 | A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE DESCRIPTION parameter under the CURRENT PAGE module. | -- | Apr 18, 2024 |
CVE-2024-32744 | A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE KEYWORDS parameter under the CURRENT PAGE module. | -- | Apr 18, 2024 |
CVE-2024-32743 | A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SITE LANGUAGE CONFIG parameter under the Security module. | -- | Apr 18, 2024 |
CVE-2024-32689 | Missing Authorization vulnerability in GenialSouls WP Social Comments.This issue affects WP Social Comments: from n/a through 1.7.3. | -- | Apr 18, 2024 |
CVE-2024-32686 | Insertion of Sensitive Information into Log File vulnerability in Inisev Backup Migration.This issue affects Backup Migration: from n/a through 1.4.3. | -- | Apr 18, 2024 |
CVE-2024-32634 | In huge memory get unmapped area check, code can never be reached because of a logical contradiction. | -- | Apr 16, 2024 |
CVE-2024-32633 | An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way. | -- | Apr 16, 2024 |
CVE-2024-32632 | A value in ATCMD will be misinterpreted by printf, causing incorrect output and possibly out-of-bounds memory access | -- | Apr 16, 2024 |
CVE-2024-32631 | Out-of-Bounds read in ciCCIOTOPT in ASR180X will cause incorrect computations. | -- | Apr 16, 2024 |
CVE-2024-32625 | In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left over from earlier computations | -- | Apr 16, 2024 |
CVE-2024-32604 | Authorization Bypass Through User-Controlled Key vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5. | -- | Apr 18, 2024 |
CVE-2024-32603 | Deserialization of Untrusted Data vulnerability in ThemeKraft WooBuddy.This issue affects WooBuddy: from n/a through 3.4.20. | -- | Apr 18, 2024 |
CVE-2024-32602 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.3.1. | -- | Apr 18, 2024 |
CVE-2024-32601 | Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Popup Anything.This issue affects Popup Anything: from n/a through 2.8. | -- | Apr 18, 2024 |
CVE-2024-32600 | Deserialization of Untrusted Data vulnerability in Averta Master Slider.This issue affects Master Slider: from n/a through 3.9.5. | -- | Apr 18, 2024 |
CVE-2024-32599 | Improper Control of Generation of Code (\'Code Injection\') vulnerability in Deepak anand WP Dummy Content Generator.This issue affects WP Dummy Content Generator: from n/a through 3.2.1. | -- | Apr 18, 2024 |
CVE-2024-32598 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Booking Algorithms BA Book Everything allows Stored XSS.This issue affects BA Book Everything: from n/a through 1.6.8. | -- | Apr 18, 2024 |
CVE-2024-32597 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Xylus Themes WordPress Importer allows Stored XSS.This issue affects WordPress Importer: from n/a through 1.0.7. | -- | Apr 18, 2024 |
CVE-2024-32596 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Eric-Oliver Mächler DSGVO Youtube allows Stored XSS.This issue affects DSGVO Youtube: from n/a through 1.4.5. | -- | Apr 18, 2024 |
CVE-2024-32595 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Mat Bao Corp WP Helper Premium allows Reflected XSS.This issue affects WP Helper Premium: from n/a before 4.6.0. | -- | Apr 18, 2024 |
CVE-2024-32594 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in AttesaWP Attesa Extra allows Stored XSS.This issue affects Attesa Extra: from n/a through 1.3.9. | -- | Apr 18, 2024 |
CVE-2024-32593 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through 1.3.4.2. | -- | Apr 18, 2024 |
CVE-2024-32592 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in VoidCoders, innovs Void Elementor WHMCS Elements For Elementor Page Builder allows Stored XSS.This issue affects Void Elementor WHMCS Elements For Elementor Page Builder: from n/a through 2.0. | -- | Apr 18, 2024 |
CVE-2024-32591 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Daniele De Rosa Backend Designer allows Stored XSS.This issue affects Backend Designer: from n/a through 1.3. | -- | Apr 18, 2024 |
CVE-2024-32590 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Webfood Kattene allows Stored XSS.This issue affects Kattene: from n/a through 1.7. | -- | Apr 18, 2024 |
CVE-2024-32588 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in ThimPress LearnPress Export Import allows Reflected XSS.This issue affects LearnPress Export Import: from n/a through 4.0.3. | -- | Apr 18, 2024 |
CVE-2024-32587 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in EnvialoSimple EnvíaloSimple allows Reflected XSS.This issue affects EnvíaloSimple: from n/a through 2.2. | -- | Apr 18, 2024 |
CVE-2024-32586 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Munir Kamal Gutenberg Block Editor Toolkit allows Stored XSS.This issue affects Gutenberg Block Editor Toolkit: from n/a through 1.40.4. | -- | Apr 18, 2024 |
CVE-2024-32585 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in extendWP Import Content in WordPress & WooCommerce with Excel allows Reflected XSS.This issue affects Import Content in WordPress & WooCommerce with Excel: from n/a through 4.2. | -- | Apr 18, 2024 |
CVE-2024-32584 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in StandaloneTech TeraWallet – For WooCommerce allows Stored XSS.This issue affects TeraWallet – For WooCommerce: from n/a through 1.5.0. | -- | Apr 18, 2024 |
CVE-2024-32583 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Photo Gallery Team Photo Gallery by 10Web allows Reflected XSS.This issue affects Photo Gallery by 10Web: from n/a through 1.8.21. | -- | Apr 18, 2024 |
CVE-2024-32582 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Bowo Debug Log Manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through 2.3.1. | -- | Apr 18, 2024 |
CVE-2024-32581 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Lenderd Mortgage Calculators WP allows Stored XSS.This issue affects Mortgage Calculators WP: from n/a through 1.56. | -- | Apr 18, 2024 |
CVE-2024-32580 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Averta Master Slider allows Stored XSS.This issue affects Master Slider: from n/a through 3.9.8. | -- | Apr 18, 2024 |
CVE-2024-32579 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in GloriaFood Restaurant Menu – Food Ordering System – Table Reservation allows Stored XSS.This issue affects Restaurant Menu – Food Ordering System – Table Reservation: from n/a through 2.4.1. | -- | Apr 18, 2024 |
CVE-2024-32578 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in 10Web Slider by 10Web allows Reflected XSS.This issue affects Slider by 10Web: from n/a through 1.2.54. | -- | Apr 18, 2024 |
CVE-2024-32577 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Codeboxr Team CBX Bookmark & Favorite cbxwpbookmark allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.20. | -- | Apr 18, 2024 |
CVE-2024-32576 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Booking Algorithms BA Book Everything allows Stored XSS.This issue affects BA Book Everything: from n/a through 1.6.8. | -- | Apr 18, 2024 |
CVE-2024-32575 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.1.9. | -- | Apr 18, 2024 |
CVE-2024-32574 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Ashish Ajani WP Simple HTML Sitemap allows Reflected XSS.This issue affects WP Simple HTML Sitemap: from n/a through 2.8. | -- | Apr 18, 2024 |
CVE-2024-32573 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WP Lab WP-Lister Lite for eBay allows Stored XSS.This issue affects WP-Lister Lite for eBay: from n/a through 3.5.11. | -- | Apr 18, 2024 |
CVE-2024-32572 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in BdThemes Element Pack Elementor Addons allows Stored XSS.This issue affects Element Pack Elementor Addons: from n/a through 5.6.0. | -- | Apr 18, 2024 |
CVE-2024-32571 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in naa986 WP Stripe Checkout allows Stored XSS.This issue affects WP Stripe Checkout: from n/a through 1.2.2.41. | -- | Apr 18, 2024 |
CVE-2024-32570 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Archetyped Cornerstone allows Reflected XSS.This issue affects Cornerstone: from n/a through 0.8.0. | -- | Apr 18, 2024 |
CVE-2024-32569 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Metaphor Creations Ditty allows Stored XSS.This issue affects Ditty: from n/a through 3.1.31. | -- | Apr 18, 2024 |
CVE-2024-32568 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Melapress WP 2FA allows Reflected XSS.This issue affects WP 2FA: from n/a through 2.6.2. | -- | Apr 18, 2024 |
CVE-2024-32567 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Designinvento DirectoryPress allows Reflected XSS.This issue affects DirectoryPress: from n/a through 3.6.7. | -- | Apr 18, 2024 |
CVE-2024-32566 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WP Club Manager allows Stored XSS.This issue affects WP Club Manager: from n/a through 2.2.11. | -- | Apr 18, 2024 |
CVE-2024-32565 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Appcheap.Io App Builder allows Stored XSS.This issue affects App Builder: from n/a through 3.8.8. | -- | Apr 18, 2024 |