The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2024-32564 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Post Grid Team by WPXPO PostX – Gutenberg Blocks for Post Grid allows Stored XSS.This issue affects PostX – Gutenberg Blocks for Post Grid: from n/a through 4.0.1. | -- | Apr 18, 2024 | n/a |
| CVE-2024-32563 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in VikBooking Hotel Booking Engine & PMS allows Reflected XSS.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.6.7. | -- | Apr 18, 2024 | n/a |
| CVE-2024-32562 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Stored XSS.This issue affects Z Y N I T H: from n/a through 7.4.9. | -- | Apr 18, 2024 | n/a |
| CVE-2024-32561 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Tagembed allows Stored XSS.This issue affects Tagembed: from n/a through 4.7. | -- | Apr 18, 2024 | n/a |
| CVE-2024-32560 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Sharabindu QR Code Composer allows Stored XSS.This issue affects QR Code Composer: from n/a through 2.0.3. | -- | Apr 18, 2024 | n/a |
| CVE-2024-32559 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in hwk-fr WP 404 Auto Redirect to Similar Post allows Reflected XSS.This issue affects WP 404 Auto Redirect to Similar Post: from n/a through 1.0.4. | -- | Apr 18, 2024 | n/a |
| CVE-2024-32558 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in impleCode eCommerce Product Catalog allows Reflected XSS.This issue affects eCommerce Product Catalog: from n/a through 3.3.32. | -- | Apr 18, 2024 | n/a |
| CVE-2024-32557 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Exclusive Addons Exclusive Addons Elementor allows Stored XSS.This issue affects Exclusive Addons Elementor: from n/a through 2.6.9.2. | -- | Apr 16, 2024 | n/a |
| CVE-2024-32556 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Nabil Lemsieh HurryTimer allows Stored XSS.This issue affects HurryTimer: from n/a through 2.9.2. | -- | Apr 18, 2024 | n/a |
| CVE-2024-32554 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Knight Lab Knight Lab Timeline allows Stored XSS.This issue affects Knight Lab Timeline: from n/a through 3.9.3.4. | -- | Apr 18, 2024 | n/a |
| CVE-2024-32553 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in looks_awesome Superfly Menu allows Stored XSS.This issue affects Superfly Menu: from n/a through 5.0.25. | -- | Apr 18, 2024 | n/a |
| CVE-2024-32552 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Tagbox Taggbox allows Stored XSS.This issue affects Taggbox: from n/a through 3.2. | -- | Apr 18, 2024 | n/a |
| CVE-2024-32551 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager : from n/a through 4.71. | -- | Apr 18, 2024 | n/a |
| CVE-2024-32550 | Cross-Site Request Forgery (CSRF) vulnerability in BMI Adult & Kid Calculator allows Stored XSS.This issue affects BMI Adult & Kid Calculator: from n/a through 1.2.1. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32549 | Cross-Site Request Forgery (CSRF) vulnerability in Microkid Related Posts for WordPress allows Cross-Site Scripting (XSS).This issue affects Related Posts for WordPress: from n/a through 4.0.3. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32548 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Hideki Tanaka What\'s New Generator allows Stored XSS.This issue affects What\'s New Generator: from n/a through 2.0.2. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32547 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Max Bond Code Insert Manager (Q2W3 Inc Manager) allows Reflected XSS.This issue affects Code Insert Manager (Q2W3 Inc Manager): from n/a through 2.5.3. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32546 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Adam Bowen Tax Rate Upload allows Reflected XSS.This issue affects Tax Rate Upload: from n/a through 2.4.5. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32545 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Canva Canva – Design beautiful blog graphics allows Reflected XSS.This issue affects Canva – Design beautiful blog graphics: from n/a through 1.2.4. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32544 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Netgsm allows Reflected XSS.This issue affects Netgsm: from n/a through 2.8. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32543 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Minoji MJ Update History allows Reflected XSS.This issue affects MJ Update History: from n/a through 1.0.4. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32542 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Organic Themes Bulk Block Converter allows Reflected XSS.This issue affects Bulk Block Converter: from n/a through 1.0.1. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32541 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Tobias Battenberg WP-Cufon allows Stored XSS.This issue affects WP-Cufon: from n/a through 1.6.10. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32540 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Web357 Fixed HTML Toolbar allows Stored XSS.This issue affects Fixed HTML Toolbar: from n/a through 1.0.7. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32539 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in JoomUnited WP File Download Light allows Stored XSS.This issue affects WP File Download Light: from n/a through 1.3.3. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32538 | Cross-Site Request Forgery (CSRF) vulnerability in Joshua Eldridge Easy CountDowner allows Stored XSS.This issue affects Easy CountDowner: from n/a through 1.0.8. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32536 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Trade Pips WP TradingView allows Stored XSS.This issue affects WP TradingView: from n/a through 1.7. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32535 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Jojaba Access Category Password allows Reflected XSS.This issue affects Access Category Password: from n/a through 1.5.1. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32534 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Stored XSS.This issue affects Form Maker by 10Web: from n/a through 1.15.23. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32533 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Peter Shaw LH Add Media From Url allows Reflected XSS.This issue affects LH Add Media From Url: from n/a through 1.22. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32532 | Missing Authorization vulnerability in SiteGround Speed Optimizer.This issue affects Speed Optimizer: from n/a through 7.4.6. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32531 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Everest themes GuCherry Blog allows Reflected XSS.This issue affects GuCherry Blog: from n/a through 1.1.8. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32530 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in PressTigers Simple Testimonials Showcase allows Stored XSS.This issue affects Simple Testimonials Showcase: from n/a through 1.1.5. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32529 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Momoyoga Yoga Schedule Momoyoga allows Stored XSS.This issue affects Yoga Schedule Momoyoga: from n/a through 2.7.0. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32528 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Seerox WP Dynamic Keywords Injector allows Reflected XSS.This issue affects WP Dynamic Keywords Injector: from n/a through 2.3.18. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32527 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Jotform Jotform Online Forms allows Stored XSS.This issue affects Jotform Online Forms: from n/a through 1.3.1. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32526 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Flector Easy Textillate allows Stored XSS.This issue affects Easy Textillate: from n/a through 2.02. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32525 | Missing Authorization vulnerability in Theme My Login.This issue affects Theme My Login: from n/a through 7.1.6. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32524 | Missing Authorization vulnerability in Nuggethon Custom Order Statuses for WooCommerce.This issue affects Custom Order Statuses for WooCommerce: from n/a through 1.5.2. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32522 | Missing Authorization vulnerability in Jaed Mosharraf & Pluginbazar Team Open Close WooCommerce Store.This issue affects Open Close WooCommerce Store: from n/a through 4.9.1. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32520 | Missing Authorization vulnerability in WPClever WPC Grouped Product for WooCommerce.This issue affects WPC Grouped Product for WooCommerce: from n/a through 4.4.2. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32519 | Missing Authorization vulnerability in GutenGeek GG Woo Feed for WooCommerce.This issue affects GG Woo Feed for WooCommerce: from n/a through 1.2.6. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32518 | Missing Authorization vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 2.0.0. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32517 | Missing Authorization vulnerability in WooCommerce & WordPress Tutorials Custom Thank You Page Customize For WooCommerce by Binary Carpenter.This issue affects Custom Thank You Page Customize For WooCommerce by Binary Carpenter: from n/a through 1.4.12. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32516 | Missing Authorization vulnerability in Palscode Multi Currency For WooCommerce.This issue affects Multi Currency For WooCommerce: from n/a through 1.5.5. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32515 | Missing Authorization vulnerability in Qamar Sheeraz, Nasir Ahmad Mega Addons For Elementor.This issue affects Mega Addons For Elementor: from n/a through 1.8. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32514 | Unrestricted Upload of File with Dangerous Type vulnerability in Poll Maker & Voting Plugin Team (InfoTheme) WP Poll Maker.This issue affects WP Poll Maker: from n/a through 3.4. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32513 | Insertion of Sensitive Information into Log File vulnerability in AdTribes.Io Product Feed PRO for WooCommerce.This issue affects Product Feed PRO for WooCommerce: from n/a through 13.3.1. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32510 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Loopus WP Cost Estimation & Payment Forms Builder allows Reflected XSS.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.75. | -- | Apr 17, 2024 | n/a |
| CVE-2024-32509 | Missing Authorization vulnerability in Loopus WP Cost Estimation & Payment Forms Builder.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.76. | -- | Apr 17, 2024 | n/a |
