Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 220103 entries
IDDescriptionPriorityModified date
CVE-2024-32586 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Munir Kamal Gutenberg Block Editor Toolkit allows Stored XSS.This issue affects Gutenberg Block Editor Toolkit: from n/a through 1.40.4. -- Apr 18, 2024
CVE-2024-32585 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in extendWP Import Content in WordPress & WooCommerce with Excel allows Reflected XSS.This issue affects Import Content in WordPress & WooCommerce with Excel: from n/a through 4.2. -- Apr 18, 2024
CVE-2024-32584 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in StandaloneTech TeraWallet – For WooCommerce allows Stored XSS.This issue affects TeraWallet – For WooCommerce: from n/a through 1.5.0. -- Apr 18, 2024
CVE-2024-32583 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Photo Gallery Team Photo Gallery by 10Web allows Reflected XSS.This issue affects Photo Gallery by 10Web: from n/a through 1.8.21. -- Apr 18, 2024
CVE-2024-32582 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Bowo Debug Log Manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through 2.3.1. -- Apr 18, 2024
CVE-2024-32581 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Lenderd Mortgage Calculators WP allows Stored XSS.This issue affects Mortgage Calculators WP: from n/a through 1.56. -- Apr 18, 2024
CVE-2024-32580 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Averta Master Slider allows Stored XSS.This issue affects Master Slider: from n/a through 3.9.8. -- Apr 18, 2024
CVE-2024-32579 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in GloriaFood Restaurant Menu – Food Ordering System – Table Reservation allows Stored XSS.This issue affects Restaurant Menu – Food Ordering System – Table Reservation: from n/a through 2.4.1. -- Apr 18, 2024
CVE-2024-32578 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in 10Web Slider by 10Web allows Reflected XSS.This issue affects Slider by 10Web: from n/a through 1.2.54. -- Apr 18, 2024
CVE-2024-32577 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Codeboxr Team CBX Bookmark & Favorite cbxwpbookmark allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.20. -- Apr 18, 2024
CVE-2024-32576 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Booking Algorithms BA Book Everything allows Stored XSS.This issue affects BA Book Everything: from n/a through 1.6.8. -- Apr 18, 2024
CVE-2024-32575 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.1.9. -- Apr 18, 2024
CVE-2024-32574 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Ashish Ajani WP Simple HTML Sitemap allows Reflected XSS.This issue affects WP Simple HTML Sitemap: from n/a through 2.8. -- Apr 18, 2024
CVE-2024-32573 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WP Lab WP-Lister Lite for eBay allows Stored XSS.This issue affects WP-Lister Lite for eBay: from n/a through 3.5.11. -- Apr 18, 2024
CVE-2024-32572 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in BdThemes Element Pack Elementor Addons allows Stored XSS.This issue affects Element Pack Elementor Addons: from n/a through 5.6.0. -- Apr 18, 2024
CVE-2024-32571 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in naa986 WP Stripe Checkout allows Stored XSS.This issue affects WP Stripe Checkout: from n/a through 1.2.2.41. -- Apr 18, 2024
CVE-2024-32570 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Archetyped Cornerstone allows Reflected XSS.This issue affects Cornerstone: from n/a through 0.8.0. -- Apr 18, 2024
CVE-2024-32569 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Metaphor Creations Ditty allows Stored XSS.This issue affects Ditty: from n/a through 3.1.31. -- Apr 18, 2024
CVE-2024-32568 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Melapress WP 2FA allows Reflected XSS.This issue affects WP 2FA: from n/a through 2.6.2. -- Apr 18, 2024
CVE-2024-32567 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Designinvento DirectoryPress allows Reflected XSS.This issue affects DirectoryPress: from n/a through 3.6.7. -- Apr 18, 2024
CVE-2024-32566 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WP Club Manager allows Stored XSS.This issue affects WP Club Manager: from n/a through 2.2.11. -- Apr 18, 2024
CVE-2024-32565 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Appcheap.Io App Builder allows Stored XSS.This issue affects App Builder: from n/a through 3.8.8. -- Apr 18, 2024
CVE-2024-32564 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Post Grid Team by WPXPO PostX – Gutenberg Blocks for Post Grid allows Stored XSS.This issue affects PostX – Gutenberg Blocks for Post Grid: from n/a through 4.0.1. -- Apr 18, 2024
CVE-2024-32563 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in VikBooking Hotel Booking Engine & PMS allows Reflected XSS.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.6.7. -- Apr 18, 2024
CVE-2024-32562 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Stored XSS.This issue affects Z Y N I T H: from n/a through 7.4.9. -- Apr 18, 2024
CVE-2024-32561 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Tagembed allows Stored XSS.This issue affects Tagembed: from n/a through 4.7. -- Apr 18, 2024
CVE-2024-32560 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Sharabindu QR Code Composer allows Stored XSS.This issue affects QR Code Composer: from n/a through 2.0.3. -- Apr 18, 2024
CVE-2024-32559 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in hwk-fr WP 404 Auto Redirect to Similar Post allows Reflected XSS.This issue affects WP 404 Auto Redirect to Similar Post: from n/a through 1.0.4. -- Apr 18, 2024
CVE-2024-32558 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in impleCode eCommerce Product Catalog allows Reflected XSS.This issue affects eCommerce Product Catalog: from n/a through 3.3.32. -- Apr 18, 2024
CVE-2024-32557 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Exclusive Addons Exclusive Addons Elementor allows Stored XSS.This issue affects Exclusive Addons Elementor: from n/a through 2.6.9.2. -- Apr 16, 2024
CVE-2024-32556 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Nabil Lemsieh HurryTimer allows Stored XSS.This issue affects HurryTimer: from n/a through 2.9.2. -- Apr 18, 2024
CVE-2024-32554 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Knight Lab Knight Lab Timeline allows Stored XSS.This issue affects Knight Lab Timeline: from n/a through 3.9.3.4. -- Apr 18, 2024
CVE-2024-32553 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in looks_awesome Superfly Menu allows Stored XSS.This issue affects Superfly Menu: from n/a through 5.0.25. -- Apr 18, 2024
CVE-2024-32552 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Tagbox Taggbox allows Stored XSS.This issue affects Taggbox: from n/a through 3.2. -- Apr 18, 2024
CVE-2024-32551 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager : from n/a through 4.71. -- Apr 18, 2024
CVE-2024-32550 Cross-Site Request Forgery (CSRF) vulnerability in BMI Adult & Kid Calculator allows Stored XSS.This issue affects BMI Adult & Kid Calculator: from n/a through 1.2.1. -- Apr 17, 2024
CVE-2024-32549 Cross-Site Request Forgery (CSRF) vulnerability in Microkid Related Posts for WordPress allows Cross-Site Scripting (XSS).This issue affects Related Posts for WordPress: from n/a through 4.0.3. -- Apr 17, 2024
CVE-2024-32548 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Hideki Tanaka What\'s New Generator allows Stored XSS.This issue affects What\'s New Generator: from n/a through 2.0.2. -- Apr 17, 2024
CVE-2024-32547 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Max Bond Code Insert Manager (Q2W3 Inc Manager) allows Reflected XSS.This issue affects Code Insert Manager (Q2W3 Inc Manager): from n/a through 2.5.3. -- Apr 17, 2024
CVE-2024-32546 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Adam Bowen Tax Rate Upload allows Reflected XSS.This issue affects Tax Rate Upload: from n/a through 2.4.5. -- Apr 17, 2024
CVE-2024-32545 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Canva Canva – Design beautiful blog graphics allows Reflected XSS.This issue affects Canva – Design beautiful blog graphics: from n/a through 1.2.4. -- Apr 17, 2024
CVE-2024-32544 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Netgsm allows Reflected XSS.This issue affects Netgsm: from n/a through 2.8. -- Apr 17, 2024
CVE-2024-32543 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Minoji MJ Update History allows Reflected XSS.This issue affects MJ Update History: from n/a through 1.0.4. -- Apr 17, 2024
CVE-2024-32542 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Organic Themes Bulk Block Converter allows Reflected XSS.This issue affects Bulk Block Converter: from n/a through 1.0.1. -- Apr 17, 2024
CVE-2024-32541 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Tobias Battenberg WP-Cufon allows Stored XSS.This issue affects WP-Cufon: from n/a through 1.6.10. -- Apr 17, 2024
CVE-2024-32540 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Web357 Fixed HTML Toolbar allows Stored XSS.This issue affects Fixed HTML Toolbar: from n/a through 1.0.7. -- Apr 17, 2024
CVE-2024-32539 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in JoomUnited WP File Download Light allows Stored XSS.This issue affects WP File Download Light: from n/a through 1.3.3. -- Apr 17, 2024
CVE-2024-32538 Cross-Site Request Forgery (CSRF) vulnerability in Joshua Eldridge Easy CountDowner allows Stored XSS.This issue affects Easy CountDowner: from n/a through 1.0.8. -- Apr 17, 2024
CVE-2024-32536 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Trade Pips WP TradingView allows Stored XSS.This issue affects WP TradingView: from n/a through 1.7. -- Apr 17, 2024
CVE-2024-32535 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Jojaba Access Category Password allows Reflected XSS.This issue affects Access Category Password: from n/a through 1.5.1. -- Apr 17, 2024
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube