The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2024-33651 | Cross-Site Request Forgery (CSRF) vulnerability in Matthew Fries MF Gig Calendar.This issue affects MF Gig Calendar : from n/a through 1.2.1. | -- | Apr 26, 2024 | n/a |
| CVE-2024-33650 | Cross-Site Request Forgery (CSRF) vulnerability in Cryout Creations Serious Slider.This issue affects Serious Slider: from n/a through 1.2.4. | -- | Apr 26, 2024 | n/a |
| CVE-2024-33649 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WpOpal Opal Widgets For Elementor allows Stored XSS.This issue affects Opal Widgets For Elementor: from n/a through 1.6.9. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33648 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in wzy Media Recencio Book Reviews allows Stored XSS.This issue affects Recencio Book Reviews: from n/a through 1.66.0. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33646 | Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Sticky Anything allows Cross-Site Scripting (XSS).This issue affects Sticky Anything: from n/a through 2.1.5. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33645 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Eftakhairul Islam & Sirajus Salayhin Easy Set Favicon allows Reflected XSS.This issue affects Easy Set Favicon: from n/a through 1.1. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33643 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Kailey Lampert Advanced Most Recent Posts Mod allows Stored XSS.This issue affects Advanced Most Recent Posts Mod: from n/a through 1.6.5.2. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33642 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in EkoJR Advanced Post List allows Stored XSS.This issue affects Advanced Post List: from n/a through 0.5.6.1. | -- | Apr 26, 2024 | n/a |
| CVE-2024-33641 | Deserialization of Untrusted Data vulnerability in Team Yoast Custom field finder.This issue affects Custom field finder: from n/a through 0.3. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33640 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in LBell Pretty Google Calendar allows Stored XSS.This issue affects Pretty Google Calendar: from n/a through 1.7.2. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33639 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in AccessAlly PopupAlly allows Stored XSS.This issue affects PopupAlly: from n/a through 2.1.1. | -- | Apr 26, 2024 | n/a |
| CVE-2024-33638 | Cross-Site Request Forgery (CSRF) vulnerability in Brijesh Kothari Smart Maintenance Mode.This issue affects Smart Maintenance Mode: from n/a through 1.4.4. | -- | Apr 26, 2024 | n/a |
| CVE-2024-33637 | Insertion of Sensitive Information into Log File vulnerability in Solid Plugins Solid Affiliate.This issue affects Solid Affiliate: from n/a through 1.9.1. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33636 | Missing Authorization vulnerability in Mahesh Vora WP Page Post Widget Clone.This issue affects WP Page Post Widget Clone: from n/a through 1.0.1. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33635 | Missing Authorization vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33634 | Server-Side Request Forgery (SSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33633 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Piotnet Piotnet Addons For Elementor Pro allows Reflected XSS.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33632 | Cross-Site Request Forgery (CSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33631 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Piotnet Piotnet Addons For Elementor Pro allows Stored XSS.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33630 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through 2.4.26. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33629 | Server-Side Request Forgery (SSRF) vulnerability in Creative Motion Auto Featured Image (Auto Post Thumbnail).This issue affects Auto Featured Image (Auto Post Thumbnail): from n/a through 4.0.0. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33627 | Server-Side Request Forgery (SSRF) vulnerability in Cusmin Absolutely Glamorous Custom Admin.This issue affects Absolutely Glamorous Custom Admin: from n/a through 7.2.2. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33602 | -- | Apr 26, 2024 | n/a | |
| CVE-2024-33601 | -- | Apr 26, 2024 | n/a | |
| CVE-2024-33600 | -- | Apr 26, 2024 | n/a | |
| CVE-2024-33599 | -- | Apr 26, 2024 | n/a | |
| CVE-2024-33598 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Twinpictures Annual Archive allows Stored XSS.This issue affects Annual Archive: from n/a through 1.6.0. | -- | Apr 26, 2024 | n/a |
| CVE-2024-33597 | Missing Authorization vulnerability in ProFaceOff SSU.This issue affects SSU: from n/a through 1.5.0. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33596 | Missing Authorization vulnerability in Five Star Plugins Five Star Restaurant Reservations.This issue affects Five Star Restaurant Reservations: from n/a through 2.6.16. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33595 | Missing Authorization vulnerability in Jewel Theme Master Addons for Elementor.This issue affects Master Addons for Elementor: from n/a through 2.0.5.4.1. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33594 | Missing Authorization vulnerability in Leaky Paywall.This issue affects Leaky Paywall: from n/a through 4.20.8. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33593 | Missing Authorization vulnerability in RedNao Smart Forms.This issue affects Smart Forms: from n/a through 2.6.91. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33592 | Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73. | -- | Apr 25, 2024 | n/a |
| CVE-2024-33591 | Missing Authorization vulnerability in Tips and Tricks HQ Easy Accept Payments.This issue affects Easy Accept Payments: from n/a through 4.9.10. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33590 | Server-Side Request Forgery (SSRF) vulnerability in codeSavory Knowledge Base documentation & wiki plugin – BasePress.This issue affects Knowledge Base documentation & wiki plugin – BasePress: from n/a through 2.16.1. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33589 | Missing Authorization vulnerability in WPOmnia KB Support.This issue affects KB Support: from n/a through 1.6.0. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33588 | Missing Authorization vulnerability in codeSavory Knowledge Base documentation & wiki plugin – BasePress.This issue affects Knowledge Base documentation & wiki plugin – BasePress: from n/a through 2.16.1. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33587 | Missing Authorization vulnerability in Copy Content Protection Team Secure Copy Content Protection and Content Locking.This issue affects Secure Copy Content Protection and Content Locking: from n/a through 3.9.0. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33586 | Missing Authorization vulnerability in Photo Gallery Team Photo Gallery by 10Web.This issue affects Photo Gallery by 10Web: from n/a through 1.8.20. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33585 | Missing Authorization vulnerability in Tyche Softwares Payment Gateway Based Fees and Discounts for WooCommerce.This issue affects Payment Gateway Based Fees and Discounts for WooCommerce: from n/a through 2.12.1. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33584 | URL Redirection to Untrusted Site (\'Open Redirect\') vulnerability in Deepen Bajracharya Video Conferencing with Zoom.This issue affects Video Conferencing with Zoom: from n/a through 4.4.4. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33575 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in User Meta user-meta.This issue affects User Meta: from n/a through 3.0. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33571 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Infomaniak Staff VOD Infomaniak allows Reflected XSS.This issue affects VOD Infomaniak: from n/a through 1.5.6. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33566 | Missing Authorization vulnerability in N-Media OrderConvo allows OS Command Injection.This issue affects OrderConvo: from n/a through 12.4. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33562 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in 8theme XStore allows Reflected XSS.This issue affects XStore: from n/a through 9.3.5. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33559 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in 8theme XStore allows SQL Injection.This issue affects XStore: from n/a through 9.3.5. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33558 | Missing Authorization vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.5. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33554 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in 8theme XStore Core allows Reflected XSS.This issue affects XStore Core: from n/a through 5.3.5. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33553 | Deserialization of Untrusted Data vulnerability in 8theme XStore Core.This issue affects XStore Core: from n/a through 5.3.5. | -- | Apr 29, 2024 | n/a |
| CVE-2024-33551 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in 8theme XStore Core allows SQL Injection.This issue affects XStore Core: from n/a through 5.3.5. | -- | Apr 29, 2024 | n/a |
