The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2024-32634 | In huge memory get unmapped area check, code can never be reached because of a logical contradiction. | -- | Apr 16, 2024 | n/a |
| CVE-2024-32633 | An unsigned value can never be negative, so eMMC full disk test will always evaluate the same way. | -- | Apr 16, 2024 | n/a |
| CVE-2024-32632 | A value in ATCMD will be misinterpreted by printf, causing incorrect output and possibly out-of-bounds memory access | -- | Apr 16, 2024 | n/a |
| CVE-2024-32631 | Out-of-Bounds read in ciCCIOTOPT in ASR180X will cause incorrect computations. | -- | Apr 16, 2024 | n/a |
| CVE-2024-32625 | In OffloadAMRWriter, a scalar field is not initialized so will contain an arbitrary value left over from earlier computations | -- | Apr 16, 2024 | n/a |
| CVE-2024-32557 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Exclusive Addons Exclusive Addons Elementor allows Stored XSS.This issue affects Exclusive Addons Elementor: from n/a through 2.6.9.2. | -- | Apr 16, 2024 | n/a |
| CVE-2024-32489 | TCPDF before 6.7.4 mishandles calls that use HTML syntax. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32488 | In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalation could occur during update checks because weak permissions on the update-service folder allow attackers to place crafted DLL files there. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32487 | less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable, but this is set by default in many common cases. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32460 | -- | Apr 17, 2024 | n/a | |
| CVE-2024-32459 | -- | Apr 17, 2024 | n/a | |
| CVE-2024-32458 | -- | Apr 17, 2024 | n/a | |
| CVE-2024-32455 | Missing Authorization vulnerability in Very Good Plugins Fatal Error Notify.This issue affects Fatal Error Notify: from n/a through 1.5.2. | -- | Apr 16, 2024 | n/a |
| CVE-2024-32454 | Server-Side Request Forgery (SSRF) vulnerability in Wappointment Appointment Bookings for Zoom GoogleMeet and more – Wappointment.This issue affects Appointment Bookings for Zoom GoogleMeet and more – Wappointment: from n/a through 2.6.0. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32453 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in POEditor allows Stored XSS.This issue affects POEditor: from n/a through 0.9.8. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32452 | Cross-Site Request Forgery (CSRF) vulnerability in WP EasyCart.This issue affects WP EasyCart: from n/a through 5.5.19. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32451 | Cross-Site Request Forgery (CSRF) vulnerability in wpWax Legal Pages.This issue affects Legal Pages: from n/a through 1.4.2. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32450 | Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team WpTravelly.This issue affects WpTravelly: from n/a through 1.6.0. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32449 | Cross-Site Request Forgery (CSRF) vulnerability in MagniGenie RestroPress.This issue affects RestroPress: from n/a through 3.1.2. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32448 | Cross-Site Request Forgery (CSRF) vulnerability in VideoYield.Com Ads.Txt Admin.This issue affects Ads.Txt Admin: from n/a through 1.3. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32447 | Cross-Site Request Forgery (CSRF) vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32446 | Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet System for WooCommerce.This issue affects Wallet System for WooCommerce: from n/a through 2.5.9. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32445 | Cross-Site Request Forgery (CSRF) vulnerability in Saleswonder Team WebinarIgnition.This issue affects WebinarIgnition: from n/a through 3.05.8. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32443 | Cross-Site Request Forgery (CSRF) vulnerability in IP2Location Download IP2Location Country Blocker.This issue affects Download IP2Location Country Blocker: from n/a through 2.34.2. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32442 | Cross-Site Request Forgery (CSRF) vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.7. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32441 | Cross-Site Request Forgery (CSRF) vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.7. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32440 | Cross-Site Request Forgery (CSRF) vulnerability in Thomas Belser Asgaros Forum.This issue affects Asgaros Forum: from n/a through 2.8.0. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32439 | Cross-Site Request Forgery (CSRF) vulnerability in SwitchWP WP Client Reports.This issue affects WP Client Reports: from n/a through 1.0.22. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32438 | Cross-Site Request Forgery (CSRF) vulnerability in cleverplugins.Com SEO Booster.This issue affects SEO Booster: from n/a through 3.8.9. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32437 | Cross-Site Request Forgery (CSRF) vulnerability in impleCode eCommerce Product Catalog.This issue affects eCommerce Product Catalog: from n/a through 3.3.28. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32436 | Cross-Site Request Forgery (CSRF) vulnerability in Codemenschen Gift Vouchers.This issue affects Gift Vouchers: from n/a through 4.4.0. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32435 | Cross-Site Request Forgery (CSRF) vulnerability in Affieasy Team AffiEasy.This issue affects AffiEasy: from n/a through 1.1.4. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32434 | Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Order Delivery Date for WooCommerce.This issue affects Order Delivery Date for WooCommerce: from n/a through 3.20.2. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32433 | Cross-Site Request Forgery (CSRF) vulnerability in Themefic BEAF.This issue affects BEAF: from n/a through 4.5.4. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32431 | Deserialization of Untrusted Data vulnerability in WP All Import Import Users from CSV.This issue affects Import Users from CSV: from n/a through 1.2. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32430 | Server-Side Request Forgery (SSRF) vulnerability in ActiveCampaign.This issue affects ActiveCampaign: from n/a through 8.1.14. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32429 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WPChill Remove Footer Credit allows Stored XSS.This issue affects Remove Footer Credit: from n/a through 1.0.13. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32428 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Moss Web Works MWW Disclaimer Buttons allows Stored XSS.This issue affects MWW Disclaimer Buttons: from n/a through 3.0.2. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32256 | Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via /tms/admin/change-image.php. When updating a current package, there are no checks for what types of files are uploaded from the image. | -- | Apr 16, 2024 | n/a |
| CVE-2024-32254 | Phpgurukul Tourism Management System v2.0 is vulnerable to Unrestricted Upload of File with Dangerous Type via tms/admin/create-package.php. When creating a new package, there is no checks for what types of files are uploaded from the image. | -- | Apr 16, 2024 | n/a |
| CVE-2024-32149 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in BlueGlass Jobs for WordPress allows Reflected XSS.This issue affects Jobs for WordPress: from n/a through 2.7.5. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32147 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Form Plugin Team - GhozyLab Easy Contact Form Lite allows Stored XSS.This issue affects Easy Contact Form Lite : from n/a through 1.1.23. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32145 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in PineWise WP Google Analytics Events allows Reflected XSS.This issue affects WP Google Analytics Events: from n/a through 2.8.0. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32141 | Cross-Site Request Forgery (CSRF) vulnerability in Libsyn Libsyn Publisher Hub.This issue affects Libsyn Publisher Hub: from n/a through 1.4.4. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32140 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Libsyn Libsyn Publisher Hub allows Stored XSS.This issue affects Libsyn Publisher Hub: from n/a through 1.4.4. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32139 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a through 4.0.12. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32138 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in KaizenCoders Short URL allows Reflected XSS.This issue affects Short URL: from n/a through 1.6.8. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32137 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Solwin User Activity Log Pro.This issue affects User Activity Log Pro: from n/a through 2.3.4. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32136 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Xenioushk BWL Advanced FAQ Manager.This issue affects BWL Advanced FAQ Manager: from n/a through 2.0.3. | -- | Apr 15, 2024 | n/a |
| CVE-2024-32135 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in WPZest Disable Comments | WPZest.This issue affects Disable Comments | WPZest: from n/a through 1.51. | -- | Apr 15, 2024 | n/a |
