The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2024-30560 | Cross-Site Request Forgery (CSRF) vulnerability in ??WP DX-Watermark.This issue affects DX-Watermark: from n/a through 1.0.4. | -- | Apr 25, 2024 |
| CVE-2024-30559 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Maurice Spin 360 deg and 3D Model Viewer allows Stored XSS.This issue affects Spin 360 deg and 3D Model Viewer: from n/a through 1.2.7. | -- | Apr 1, 2024 |
| CVE-2024-30558 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Michael Simpson Add Shortcodes Actions And Filters allows Reflected XSS.This issue affects Add Shortcodes Actions And Filters: from n/a through 2.10. | -- | Apr 1, 2024 |
| CVE-2024-30557 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Aesopinteractive Aesop Story Engine allows Stored XSS.This issue affects Aesop Story Engine: from n/a through 2.3.2. | -- | Apr 1, 2024 |
| CVE-2024-30556 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in MightyThemes Mighty Classic Pros And Cons allows Stored XSS.This issue affects Mighty Classic Pros And Cons: from n/a through 2.0.9. | -- | Apr 1, 2024 |
| CVE-2024-30555 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Sayan Datta Ultimate Social Comments – Email Notification & Lazy Load allows Stored XSS.This issue affects Ultimate Social Comments – Email Notification & Lazy Load: from n/a through 1.4.8. | -- | Apr 1, 2024 |
| CVE-2024-30554 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Wouter Dijkstra DD Rating allows Stored XSS.This issue affects DD Rating: from n/a through 1.7.1. | -- | Apr 1, 2024 |
| CVE-2024-30553 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Joby Joseph WP Twitter Mega Fan Box Widget allows Stored XSS.This issue affects WP Twitter Mega Fan Box Widget : from n/a through 1.0. | -- | Apr 1, 2024 |
| CVE-2024-30552 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in wppdf.Org Responsive flipbook allows Stored XSS.This issue affects Responsive flipbook: from n/a through 1.0.0. | -- | Apr 1, 2024 |
| CVE-2024-30551 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Toast Plugins Sticky Anything.This issue affects Sticky Anything: from n/a through 2.1.5. | -- | Apr 1, 2024 |
| CVE-2024-30550 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Reflected XSS.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3. | -- | Apr 1, 2024 |
| CVE-2024-30549 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Stored XSS.This issue affects Contact Forms by Cimatti: from n/a through 1.8.0. | -- | Apr 1, 2024 |
| CVE-2024-30548 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Noah Kagan underConstruction allows Stored XSS.This issue affects underConstruction: from n/a through 1.21. | -- | Apr 1, 2024 |
| CVE-2024-30546 | Cross-Site Request Forgery (CSRF) vulnerability in Pixelite Login With Ajax.This issue affects Login With Ajax: from n/a through 4.1. | -- | Apr 15, 2024 |
| CVE-2024-30545 | Cross-Site Request Forgery (CSRF) vulnerability in Nick Powers Social Author Bio allows Stored XSS.This issue affects Social Author Bio: from n/a through 2.4. | -- | Apr 15, 2024 |
| CVE-2024-30543 | Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects Whizzy: from n/a through 1.1.18. | -- | Apr 1, 2024 |
| CVE-2024-30541 | Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Optimize.This issue affects LWS Optimize: from n/a through 1.9.1. | -- | Apr 1, 2024 |
| CVE-2024-30536 | Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Slugs Manager.This issue affects Slugs Manager: from n/a through 2.6.7. | -- | Apr 1, 2024 |
| CVE-2024-30535 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in WhiteStudio Easy Form Builder.This issue affects Easy Form Builder: from n/a through 3.7.4. | -- | Apr 1, 2024 |
| CVE-2024-30533 | Unrestricted Upload of File with Dangerous Type vulnerability in Techeshta Layouts for Elementor.This issue affects Layouts for Elementor: from n/a before 1.8. | -- | Apr 1, 2024 |
| CVE-2024-30532 | Server-Side Request Forgery (SSRF) vulnerability in Builderall Team Builderall Builder for WordPress.This issue affects Builderall Builder for WordPress: from n/a through 2.0.1. | -- | Apr 2, 2024 |
| CVE-2024-30531 | Server-Side Request Forgery (SSRF) vulnerability in Nelio Software Nelio Content.This issue affects Nelio Content: from n/a through 3.2.0. | -- | Apr 2, 2024 |
| CVE-2024-30530 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar allows Stored XSS.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 5.1. | -- | Apr 1, 2024 |
| CVE-2024-30526 | Cross-Site Request Forgery (CSRF) vulnerability in Easy Social Feed.This issue affects Easy Social Feed: from n/a through 6.5.6. | -- | Apr 1, 2024 |
| CVE-2024-30524 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in RedLettuce Plugins PDF Viewer for Elementor allows Stored XSS.This issue affects PDF Viewer for Elementor: from n/a through 2.9.3. | -- | Apr 1, 2024 |
| CVE-2024-30523 | Insertion of Sensitive Information into Log File vulnerability in Paid Memberships Pro Paid Memberships Pro – Mailchimp Add On pmpro-mailchimp.This issue affects Paid Memberships Pro – Mailchimp Add On: from n/a through 2.3.4. | -- | Apr 1, 2024 |
| CVE-2024-30521 | Cross-Site Request Forgery (CSRF) vulnerability in Landingi Landingi Landing Pages.This issue affects Landingi Landing Pages: from n/a through 3.1.1. | -- | Apr 1, 2024 |
| CVE-2024-30520 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Labib Ahmed Carousel Anything For WPBakery Page Builder allows Stored XSS.This issue affects Carousel Anything For WPBakery Page Builder: from n/a through 2.1. | -- | Mar 29, 2024 |
| CVE-2024-30519 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Lordicon Lordicon Animated Icons allows Stored XSS.This issue affects Lordicon Animated Icons: from n/a through 2.0.1. | -- | Mar 29, 2024 |
| CVE-2024-30518 | Cross-Site Request Forgery (CSRF) vulnerability in ThemeLocation Custom WooCommerce Checkout Fields Editor.This issue affects Custom WooCommerce Checkout Fields Editor: from n/a through 1.3.0. | -- | Apr 1, 2024 |
| CVE-2024-30514 | Insertion of Sensitive Information into Log File vulnerability in Paid Memberships Pro Paid Memberships Pro – Payfast Gateway Add On.This issue affects Paid Memberships Pro – Payfast Gateway Add On: from n/a through 1.4.1. | -- | Apr 1, 2024 |
| CVE-2024-30513 | Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.2. | -- | Apr 1, 2024 |
| CVE-2024-30511 | Insertion of Sensitive Information into Log File vulnerability in Frédéric GILLES FG PrestaShop to WooCommerce.This issue affects FG PrestaShop to WooCommerce: from n/a through 4.45.1. | -- | Apr 1, 2024 |
| CVE-2024-30510 | Unrestricted Upload of File with Dangerous Type vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 9.5. | -- | Apr 1, 2024 |
| CVE-2024-30508 | Missing Authorization vulnerability in ThimPress WP Hotel Booking.This issue affects WP Hotel Booking: from n/a through 2.0.9.2. | -- | Apr 1, 2024 |
| CVE-2024-30507 | Authorization Bypass Through User-Controlled Key vulnerability in Molongui.This issue affects Molongui: from n/a through 4.7.7. | -- | Apr 1, 2024 |
| CVE-2024-30506 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Vsourz Digital All In One Redirection allows Stored XSS.This issue affects All In One Redirection: from n/a through 2.2.0. | -- | Apr 1, 2024 |
| CVE-2024-30505 | Missing Authorization vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.1.18. | -- | Apr 1, 2024 |
| CVE-2024-30504 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in WP Travel Engine.This issue affects WP Travel Engine: from n/a through 5.7.9. | -- | Apr 1, 2024 |
| CVE-2024-30503 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in EverPress Mailster allows Reflected XSS.This issue affects Mailster: from n/a through 4.0.6. | -- | Mar 29, 2024 |
| CVE-2024-30502 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in WP Travel Engine.This issue affects WP Travel Engine: from n/a through 5.7.9. | -- | Apr 1, 2024 |
| CVE-2024-30501 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.9.4. | -- | Apr 1, 2024 |
| CVE-2024-30500 | Unrestricted Upload of File with Dangerous Type vulnerability in CubeWP CubeWP – All-in-One Dynamic Content Framework.This issue affects CubeWP – All-in-One Dynamic Content Framework: from n/a through 1.1.12. | -- | Apr 1, 2024 |
| CVE-2024-30499 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in CRM Perks CRM Perks Forms.This issue affects CRM Perks Forms: from n/a through 1.1.4. | -- | Apr 1, 2024 |
| CVE-2024-30498 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in CRM Perks CRM Perks Forms.This issue affects CRM Perks Forms: from n/a through 1.1.4. | -- | Apr 1, 2024 |
| CVE-2024-30497 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs.This issue affects WP Responsive Tabs horizontal vertical and accordion Tabs: from n/a through 1.1.17. | -- | Apr 1, 2024 |
| CVE-2024-30496 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in BdThemes Element Pack Elementor Addons.This issue affects Element Pack Elementor Addons: from n/a through 5.5.3. | -- | Apr 1, 2024 |
| CVE-2024-30495 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Faboba Falang multilanguage.This issue affects Falang multilanguage: from n/a through 1.3.47. | -- | Apr 1, 2024 |
| CVE-2024-30494 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in ?? OSS Aliyun.This issue affects OSS Aliyun: from n/a through 1.4.10. | -- | Apr 1, 2024 |
| CVE-2024-30493 | Cross-Site Request Forgery (CSRF) vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.1.7. | -- | Apr 1, 2024 |
