The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2024-34031 | Delta Electronics DIAEnergie is vulnerable to an SQL injection vulnerability that exists in the script Handler_CFG.ashx. An authenticated attacker can exploit this issue to potentially compromise the system on which DIAEnergie is deployed. | -- | May 3, 2024 |
CVE-2024-34020 | A stack-based buffer overflow was found in the putSDN() function of mail.c in hcode through 2.1. | -- | Apr 29, 2024 |
CVE-2024-34011 | Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758. | -- | Apr 29, 2024 |
CVE-2024-34010 | Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758. | -- | Apr 29, 2024 |
CVE-2024-33956 | Missing Authorization vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0. | -- | May 14, 2024 |
CVE-2024-33955 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Theme Freesia Freesia Empire allows Stored XSS.This issue affects Freesia Empire: from n/a through 1.4.1. | -- | May 14, 2024 |
CVE-2024-33954 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Atanas Yonkov Pliska allows Stored XSS.This issue affects Pliska: from n/a through 0.3.5. | -- | May 14, 2024 |
CVE-2024-33953 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Matt van Andel Adventure Journal allows Stored XSS.This issue affects Adventure Journal: from n/a through 1.7.2. | -- | May 14, 2024 |
CVE-2024-33952 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Justin Tadlock Unique allows Stored XSS.This issue affects Unique: from n/a through 0.3.0. | -- | May 14, 2024 |
CVE-2024-33951 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Adam DeHaven Perfect Pullquotes allows Stored XSS.This issue affects Perfect Pullquotes: from n/a through 1.7.5. | -- | May 14, 2024 |
CVE-2024-33950 | Administrator Cross Site Scripting (XSS) in Archives Calendar Widget <= 1.0.15 versions. | -- | May 14, 2024 |
CVE-2024-33949 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Vark Min and Max Purchase for WooCommerce allows Stored XSS.This issue affects Min and Max Purchase for WooCommerce: from n/a through 2.0.0. | -- | May 2, 2024 |
CVE-2024-33948 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Pixel Industry TweetScroll Widget allows Stored XSS.This issue affects TweetScroll Widget: from n/a through 1.3.7. | -- | May 2, 2024 |
CVE-2024-33947 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Metagauss RegistrationMagic allows Reflected XSS.This issue affects RegistrationMagic: from n/a through 5.3.2.0. | -- | May 3, 2024 |
CVE-2024-33946 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WPify s.R.O. WPify Woo Czech allows Reflected XSS.This issue affects WPify Woo Czech: from n/a through 4.0.10. | -- | May 3, 2024 |
CVE-2024-33945 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in solverwp.Com Eleblog – Elementor Blog And Magazine Addons allows Stored XSS.This issue affects Eleblog – Elementor Blog And Magazine Addons: from n/a through 1.8. | -- | May 3, 2024 |
CVE-2024-33944 | Missing Authorization vulnerability in Kestrel WooCommerce AWeber Newsletter Subscription.This issue affects WooCommerce AWeber Newsletter Subscription: from n/a through 4.0.2. | -- | May 2, 2024 |
CVE-2024-33943 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in HappyKite Ultimate Under Construction allows Stored XSS.This issue affects Ultimate Under Construction: from n/a through 1.9.3. | -- | May 3, 2024 |
CVE-2024-33942 | Missing Authorization vulnerability in Eric Alli Google Typography.This issue affects Google Typography: from n/a through 1.1.2. | -- | May 14, 2024 |
CVE-2024-33941 | Missing Authorization vulnerability in Avirtum iPanorama 360 WordPress Virtual Tour Builder.This issue affects iPanorama 360 WordPress Virtual Tour Builder: from n/a through 1.8.1. | -- | May 3, 2024 |
CVE-2024-33940 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Ashan Jay EventON allows Stored XSS.This issue affects EventON: from n/a through 2.2.14. | -- | May 3, 2024 |
CVE-2024-33938 | Missing Authorization vulnerability in codename065 Sliding Widgets allows Cross-Site Scripting (XSS).This issue affects Sliding Widgets: from n/a through 1.5.0. | -- | May 14, 2024 |
CVE-2024-33937 | Missing Authorization vulnerability in Nico Martin Progressive WordPress (PWA).This issue affects Progressive WordPress (PWA): from n/a through 2.1.13. | -- | May 3, 2024 |
CVE-2024-33936 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Twinpictures Print-O-Matic allows Stored XSS.This issue affects Print-O-Matic: from n/a through 2.1.10. | -- | May 3, 2024 |
CVE-2024-33935 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Pascal Bajorat PB MailCrypt allows Stored XSS.This issue affects PB MailCrypt: from n/a through 3.1.0. | -- | May 3, 2024 |
CVE-2024-33934 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Kailey Lampert Mini Loops allows Stored XSS.This issue affects Mini Loops: from n/a through 1.4.1. | -- | May 3, 2024 |
CVE-2024-33932 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Vinod Dalvi Login Logout Register Menu allows Stored XSS.This issue affects Login Logout Register Menu: from n/a through 2.0. | -- | May 3, 2024 |
CVE-2024-33931 | Missing Authorization vulnerability in ilGhera JW Player for WordPress.This issue affects JW Player for WordPress: from n/a through 2.3.3. | -- | May 3, 2024 |
CVE-2024-33930 | URL Redirection to Untrusted Site (\'Open Redirect\') vulnerability in ILLID Share This Image.This issue affects Share This Image: from n/a through 1.97. | -- | May 2, 2024 |
CVE-2024-33929 | Missing Authorization vulnerability in wpWax Directorist.This issue affects Directorist: from n/a through 7.8.6. | -- | May 3, 2024 |
CVE-2024-33928 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in CodeBard CodeBard\'s Patron Button and Widgets for Patreon allows Reflected XSS.This issue affects CodeBard\'s Patron Button and Widgets for Patreon: from n/a through 2.2.0. | -- | May 3, 2024 |
CVE-2024-33927 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Team GIPHY Giphypress allows Stored XSS.This issue affects Giphypress: from n/a through 1.6.2. | -- | May 3, 2024 |
CVE-2024-33926 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Karl Kiesinger GWP-Histats allows Stored XSS.This issue affects GWP-Histats: from n/a through 1.0. | -- | May 3, 2024 |
CVE-2024-33925 | Missing Authorization vulnerability in Adrian Mörchen Embed Google Fonts.This issue affects Embed Google Fonts: from n/a through 3.1.0. | -- | May 3, 2024 |
CVE-2024-33924 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Realtyna Realtyna Organic IDX plugin allows Reflected XSS.This issue affects Realtyna Organic IDX plugin: from n/a through 4.14.4. | -- | May 3, 2024 |
CVE-2024-33923 | Missing Authorization vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager : from n/a through 4.69. | -- | May 3, 2024 |
CVE-2024-33922 | Insertion of Sensitive Information into Log File vulnerability in Jordy Meow WP Media Cleaner.This issue affects WP Media Cleaner: from n/a through 6.7.2. | -- | May 2, 2024 |
CVE-2024-33921 | Broken Access Control vulnerability in ReviewX.This issue affects ReviewX: from n/a through 1.6.21. | -- | May 3, 2024 |
CVE-2024-33920 | Missing Authorization vulnerability in Kama Democracy Poll.This issue affects Democracy Poll: from n/a through 6.0.3. | -- | May 3, 2024 |
CVE-2024-33919 | Missing Authorization vulnerability in Rometheme RomethemeKit For Elementor.This issue affects RomethemeKit For Elementor: from n/a through 1.4.1. | -- | May 3, 2024 |
CVE-2024-33918 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Maxim K AJAX Login and Registration modal popup + inline form allows Stored XSS.This issue affects AJAX Login and Registration modal popup + inline form: from n/a through 2.23. | -- | May 3, 2024 |
CVE-2024-33916 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in MachoThemes CPO Companion allows Stored XSS.This issue affects CPO Companion: from n/a through 1.1.0. | -- | May 3, 2024 |
CVE-2024-33915 | Missing Authorization vulnerability in Bowo Debug Log Manager.This issue affects Debug Log Manager: from n/a through 2.3.1. | -- | May 3, 2024 |
CVE-2024-33914 | Missing Authorization vulnerability in Exclusive Addons Exclusive Addons Elementor.This issue affects Exclusive Addons Elementor: from n/a through 2.6.9.1. | -- | May 3, 2024 |
CVE-2024-33913 | Cross-Site Request Forgery (CSRF) vulnerability leading to Arbitrary File Upload in Xserver Migrator.This issue affects Xserver Migrator: from n/a through 1.6.1. | -- | May 2, 2024 |
CVE-2024-33912 | Missing Authorization vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 1.9.16. | -- | May 6, 2024 |
CVE-2024-33911 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Weblizar School Management Pro.This issue affects School Management Pro: from n/a through 10.3.4. | -- | May 2, 2024 |
CVE-2024-33910 | Missing Authorization vulnerability in Supsystic Digital Publications by Supsystic.This issue affects Digital Publications by Supsystic: from n/a through 1.7.7. | -- | May 6, 2024 |
CVE-2024-33908 | Missing Authorization vulnerability in Themesgrove WidgetKit.This issue affects WidgetKit: from n/a through 2.5.0. | -- | May 7, 2024 |
CVE-2024-33907 | Missing Authorization vulnerability in Michael Nelson Print My Blog.This issue affects Print My Blog: from n/a through 3.26.2. | -- | May 7, 2024 |