The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2024-32454 | Server-Side Request Forgery (SSRF) vulnerability in Wappointment Appointment Bookings for Zoom GoogleMeet and more – Wappointment.This issue affects Appointment Bookings for Zoom GoogleMeet and more – Wappointment: from n/a through 2.6.0. | -- | Apr 15, 2024 |
| CVE-2024-32453 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in POEditor allows Stored XSS.This issue affects POEditor: from n/a through 0.9.8. | -- | Apr 15, 2024 |
| CVE-2024-32452 | Cross-Site Request Forgery (CSRF) vulnerability in WP EasyCart.This issue affects WP EasyCart: from n/a through 5.5.19. | -- | Apr 15, 2024 |
| CVE-2024-32451 | Cross-Site Request Forgery (CSRF) vulnerability in wpWax Legal Pages.This issue affects Legal Pages: from n/a through 1.4.2. | -- | Apr 15, 2024 |
| CVE-2024-32450 | Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team WpTravelly.This issue affects WpTravelly: from n/a through 1.6.0. | -- | Apr 15, 2024 |
| CVE-2024-32449 | Cross-Site Request Forgery (CSRF) vulnerability in MagniGenie RestroPress.This issue affects RestroPress: from n/a through 3.1.2. | -- | Apr 15, 2024 |
| CVE-2024-32448 | Cross-Site Request Forgery (CSRF) vulnerability in VideoYield.Com Ads.Txt Admin.This issue affects Ads.Txt Admin: from n/a through 1.3. | -- | Apr 15, 2024 |
| CVE-2024-32447 | Cross-Site Request Forgery (CSRF) vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1. | -- | Apr 15, 2024 |
| CVE-2024-32446 | Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet System for WooCommerce.This issue affects Wallet System for WooCommerce: from n/a through 2.5.9. | -- | Apr 15, 2024 |
| CVE-2024-32445 | Cross-Site Request Forgery (CSRF) vulnerability in Saleswonder Team WebinarIgnition.This issue affects WebinarIgnition: from n/a through 3.05.8. | -- | Apr 15, 2024 |
| CVE-2024-32443 | Cross-Site Request Forgery (CSRF) vulnerability in IP2Location Download IP2Location Country Blocker.This issue affects Download IP2Location Country Blocker: from n/a through 2.34.2. | -- | Apr 15, 2024 |
| CVE-2024-32442 | Cross-Site Request Forgery (CSRF) vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.7. | -- | Apr 15, 2024 |
| CVE-2024-32441 | Cross-Site Request Forgery (CSRF) vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.7. | -- | Apr 15, 2024 |
| CVE-2024-32440 | Cross-Site Request Forgery (CSRF) vulnerability in Thomas Belser Asgaros Forum.This issue affects Asgaros Forum: from n/a through 2.8.0. | -- | Apr 15, 2024 |
| CVE-2024-32439 | Cross-Site Request Forgery (CSRF) vulnerability in SwitchWP WP Client Reports.This issue affects WP Client Reports: from n/a through 1.0.22. | -- | Apr 15, 2024 |
| CVE-2024-32438 | Cross-Site Request Forgery (CSRF) vulnerability in cleverplugins.Com SEO Booster.This issue affects SEO Booster: from n/a through 3.8.9. | -- | Apr 15, 2024 |
| CVE-2024-32437 | Cross-Site Request Forgery (CSRF) vulnerability in impleCode eCommerce Product Catalog.This issue affects eCommerce Product Catalog: from n/a through 3.3.28. | -- | Apr 15, 2024 |
| CVE-2024-32436 | Cross-Site Request Forgery (CSRF) vulnerability in Codemenschen Gift Vouchers.This issue affects Gift Vouchers: from n/a through 4.4.0. | -- | Apr 15, 2024 |
| CVE-2024-32435 | Cross-Site Request Forgery (CSRF) vulnerability in Affieasy Team AffiEasy.This issue affects AffiEasy: from n/a through 1.1.4. | -- | Apr 15, 2024 |
| CVE-2024-32434 | Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Order Delivery Date for WooCommerce.This issue affects Order Delivery Date for WooCommerce: from n/a through 3.20.2. | -- | Apr 15, 2024 |
| CVE-2024-32433 | Cross-Site Request Forgery (CSRF) vulnerability in Themefic BEAF.This issue affects BEAF: from n/a through 4.5.4. | -- | Apr 15, 2024 |
| CVE-2024-32432 | Missing Authorization vulnerability in Ovic Team Ovic Addon Toolkit.This issue affects Ovic Addon Toolkit: from n/a through 2.6.1. | -- | Apr 24, 2024 |
| CVE-2024-32431 | Deserialization of Untrusted Data vulnerability in WP All Import Import Users from CSV.This issue affects Import Users from CSV: from n/a through 1.2. | -- | Apr 15, 2024 |
| CVE-2024-32430 | Server-Side Request Forgery (SSRF) vulnerability in ActiveCampaign.This issue affects ActiveCampaign: from n/a through 8.1.14. | -- | Apr 15, 2024 |
| CVE-2024-32429 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WPChill Remove Footer Credit allows Stored XSS.This issue affects Remove Footer Credit: from n/a through 1.0.13. | -- | Apr 15, 2024 |
| CVE-2024-32428 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Moss Web Works MWW Disclaimer Buttons allows Stored XSS.This issue affects MWW Disclaimer Buttons: from n/a through 3.0.2. | -- | Apr 15, 2024 |
| CVE-2024-32418 | An issue in flusity CMS v2.33 allows a remote attacker to execute arbitrary code via the add_addon.php component. | -- | Apr 22, 2024 |
| CVE-2024-32409 | An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script. | -- | Apr 19, 2024 |
| CVE-2024-32407 | An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature. | -- | Apr 22, 2024 |
| CVE-2024-32405 | Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQuestion parameter on Exam function. | -- | Apr 23, 2024 |
| CVE-2024-32399 | Directory Traversal vulnerability in RaidenMAILD Mail Server v.4.9.4 and before allows a remote attacker to obtain sensitive information via the /webeditor/ component. | -- | Apr 23, 2024 |
| CVE-2024-32394 | An issue in ruijie.com/cn RG-RSR10-01G-T(WA)-S RSR_3.0(1)B9P2_RSR10-01G-TW-S_07150910 and RG-RSR10-01G-T(WA)-S RSR_3.0(1)B9P2_RSR10-01G-TW-S_07150910 allows a remote attacker to execute arbitrary code via a crafted HTTP request. | -- | Apr 23, 2024 |
| CVE-2024-32392 | Cross Site Scripting vulnerability in CmSimple v.5.15 allows a remote attacker to execute arbitrary code via the functions.php component. | -- | Apr 22, 2024 |
| CVE-2024-32391 | Cross Site Scripting vulnerability in MacCMS v.10 v.2024.1000.3000 allows a remote attacker to execute arbitrary code via a crafted payload. | -- | Apr 22, 2024 |
| CVE-2024-32368 | Insecure Permission vulnerability in Agasta Sanketlife 2.0 Pocket 12-Lead ECG Monitor FW Version 3.0 allows a local attacker to cause a denial of service via the Bluetooth Low Energy (BLE) component. | -- | Apr 22, 2024 |
| CVE-2024-32358 | An issue in Jpress v.5.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the custom plug-in module function. | -- | Apr 25, 2024 |
| CVE-2024-32345 | A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Configuration parameter under the Language section. | -- | Apr 18, 2024 |
| CVE-2024-32344 | A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit parameter under the Language section. | -- | Apr 18, 2024 |
| CVE-2024-32343 | A cross-site scripting (XSS) vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter. | -- | Apr 18, 2024 |
| CVE-2024-32342 | A cross-site scripting (XSS) vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Permalink parameter. | -- | Apr 18, 2024 |
| CVE-2024-32341 | Multiple cross-site scripting (XSS) vulnerabilities in the Home page of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into any of the parameters. | -- | Apr 18, 2024 |
| CVE-2024-32340 | A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the WEBSITE TITLE parameter under the Menu module. | -- | Apr 18, 2024 |
| CVE-2024-32339 | Multiple cross-site scripting (XSS) vulnerabilities in the HOW TO page of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into any of the parameters. | -- | Apr 18, 2024 |
| CVE-2024-32338 | A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE TITLE parameter under the Current Page module. | -- | Apr 18, 2024 |
| CVE-2024-32337 | A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ADMIN LOGIN URL parameter under the Security module. | -- | Apr 18, 2024 |
| CVE-2024-32335 | TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Access Control under the Wireless Page. | -- | Apr 18, 2024 |
| CVE-2024-32334 | TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page. | -- | Apr 18, 2024 |
| CVE-2024-32333 | TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall Page. | -- | Apr 18, 2024 |
| CVE-2024-32332 | TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in WDS Settings under the Wireless Page. | -- | Apr 18, 2024 |
| CVE-2024-32327 | TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall Page. | -- | Apr 18, 2024 |
