Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 242711 entries
IDDescriptionPriorityModified date
CVE-2024-51670 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Stored XSS.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.7. -- Nov 12, 2024
CVE-2024-51668 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Mark Tilly MyCurator Content Curation allows Stored XSS.This issue affects MyCurator Content Curation: from n/a through 3.78. -- Nov 12, 2024
CVE-2024-51665 Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor allows Server Side Request Forgery.This issue affects Magical Addons For Elementor: from n/a through 1.2.1. -- Nov 4, 2024
CVE-2024-51664 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Mark Kinchin Beds24 Online Booking allows Stored XSS.This issue affects Beds24 Online Booking: from n/a through 2.0.25. -- Nov 12, 2024
CVE-2024-51663 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Bricksable Bricksable for Bricks Builder allows Stored XSS.This issue affects Bricksable for Bricks Builder: from n/a through 1.6.59. -- Nov 12, 2024
CVE-2024-51662 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Modernaweb Studio Black Widgets For Elementor allows Stored XSS.This issue affects Black Widgets For Elementor: from n/a through 1.3.6. -- Nov 12, 2024
CVE-2024-51661 Improper Neutralization of Special Elements used in an OS Command (\'OS Command Injection\') vulnerability in David Lingren Media Library Assistant allows Command Injection.This issue affects Media Library Assistant: from n/a through 3.19. -- Nov 4, 2024
CVE-2024-51647 Cross-Site Request Forgery (CSRF) vulnerability in Chaser324 Featured Posts Scroll allows Stored XSS.This issue affects Featured Posts Scroll: from n/a through 1.25. -- Nov 12, 2024
CVE-2024-51630 Cross-Site Request Forgery (CSRF) vulnerability in Lars Schenk Responsive Flickr Gallery allows Stored XSS.This issue affects Responsive Flickr Gallery: from n/a through 1.3.1. -- Nov 12, 2024
CVE-2024-51629 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in MetricThemes Header Footer Composer for Elementor allows DOM-Based XSS.This issue affects Header Footer Composer for Elementor: from n/a through 1.0.4. -- Nov 12, 2024
CVE-2024-51628 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in EzyOnlineBookings EzyOnlineBookings Online Booking System Widget allows DOM-Based XSS.This issue affects EzyOnlineBookings Online Booking System Widget: from n/a through 1.3. -- Nov 12, 2024
CVE-2024-51627 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Kaedinger Audio Comparison Lite audio-comparison-lite allows Stored XSS.This issue affects Audio Comparison Lite: from n/a through 3.4. -- Nov 12, 2024
CVE-2024-51626 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Mansur Ahamed Woocommerce Quote Calculator allows Blind SQL Injection.This issue affects Woocommerce Quote Calculator: from n/a through 1.1. -- Nov 4, 2024
CVE-2024-51625 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in EDC Team (E-Da`wah Committee) Quran Shortcode allows Blind SQL Injection.This issue affects Quran Shortcode: from n/a through 1.5. -- Nov 12, 2024
CVE-2024-51623 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Mehrdad Farahani WP EIS allows SQL Injection.This issue affects WP EIS: from n/a through 1.3.3. -- Nov 12, 2024
CVE-2024-51622 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in WP Experts Team WP EASY RECIPE allows Stored XSS.This issue affects WP EASY RECIPE: from n/a through 1.6. -- Nov 12, 2024
CVE-2024-51621 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Reza Sh Download-Mirror-Counter allows SQL Injection.This issue affects Download-Mirror-Counter: from n/a through 1.1. -- Nov 12, 2024
CVE-2024-51620 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Porsline allows Blind SQL Injection.This issue affects Porsline: from n/a through 1.0.2. -- Nov 12, 2024
CVE-2024-51619 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Market360.Co Market 360 Viewer allows Blind SQL Injection.This issue affects Market 360 Viewer: from n/a through 1.01. -- Nov 12, 2024
CVE-2024-51618 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in DuoGeek Custom Admin Menu allows Stored XSS.This issue affects Custom Admin Menu: from n/a through 1.0.0. -- Nov 12, 2024
CVE-2024-51616 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Nazmul Hasan Rupok AwesomePress allows Stored XSS.This issue affects AwesomePress: from n/a through 1.0. -- Nov 12, 2024
CVE-2024-51614 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Aajoda Aajoda Testimonials allows Stored XSS.This issue affects Aajoda Testimonials: from n/a through 2.2.2. -- Nov 12, 2024
CVE-2024-51613 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Andrew Connell TradeMe widgets allows Stored XSS.This issue affects TradeMe widgets: from n/a through 1.2. -- Nov 12, 2024
CVE-2024-51612 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Ken Charity Reftagger Shortcode allows Stored XSS.This issue affects Reftagger Shortcode: from n/a through 1.1. -- Nov 12, 2024
CVE-2024-51611 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Miguel Peixe WP Feature Box allows Stored XSS.This issue affects WP Feature Box: from n/a through 0.1.3. -- Nov 12, 2024
CVE-2024-51610 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in SEO Themes Display Terms Shortcode allows Stored XSS.This issue affects Display Terms Shortcode: from n/a through 1.0.4. -- Nov 12, 2024
CVE-2024-51609 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Elsner Technologies Pvt. Ltd. Emoji Shortcode allows Stored XSS.This issue affects Emoji Shortcode: from n/a through 1.0.0. -- Nov 12, 2024
CVE-2024-51608 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Pluginhandy AmaDiscount allows SQL Injection.This issue affects AmaDiscount: from n/a through 1.0. -- Nov 12, 2024
CVE-2024-51607 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Buddy Lindsey Golf Tracker allows SQL Injection.This issue affects Golf Tracker: from n/a through 0.7. -- Nov 12, 2024
CVE-2024-51606 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Blrt Blrt WP Embed allows SQL Injection.This issue affects Blrt WP Embed: from n/a through 1.6.9. -- Nov 12, 2024
CVE-2024-51605 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Genoo, LLC Genoo allows DOM-Based XSS.This issue affects Genoo: from n/a through 6.0.10. -- Nov 12, 2024
CVE-2024-51604 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Carlo Andro Mabugay Media Modal allows DOM-Based XSS.This issue affects Media Modal: from n/a through 1.0.2. -- Nov 12, 2024
CVE-2024-51603 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Mircea N. NMR Strava activities allows DOM-Based XSS.This issue affects NMR Strava activities: from n/a through 1.0.6. -- Nov 12, 2024
CVE-2024-51602 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Oleksandr Ustymenko Simple Job Manager allows SQL Injection.This issue affects Simple Job Manager: from n/a through 1.1. -- Nov 12, 2024
CVE-2024-51601 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Maksym Marko Website price calculator allows SQL Injection.This issue affects Website price calculator: from n/a through 4.1. -- Nov 12, 2024
CVE-2024-51599 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Russell Albin Simple Business Manager allows Stored XSS.This issue affects Simple Business Manager: from n/a through 4.6.7.4. -- Nov 12, 2024
CVE-2024-51598 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Kendysond Selar.Co Widget allows DOM-Based XSS.This issue affects Selar.Co Widget: from n/a through 1.2. -- Nov 12, 2024
CVE-2024-51597 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in ThemeShark ThemeShark Templates & Widgets for Elementor allows Stored XSS.This issue affects ThemeShark Templates & Widgets for Elementor: from n/a through 1.1.7. -- Nov 12, 2024
CVE-2024-51596 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Nilesh Shiragave Business allows Stored XSS.This issue affects Business: from n/a through 1.3. -- Nov 12, 2024
CVE-2024-51595 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in sksdev SKSDEV Toolkit allows Stored XSS.This issue affects SKSDEV Toolkit: from n/a through 1.0.0. -- Nov 12, 2024
CVE-2024-51594 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Rafel Sansó Gmap Point List allows Stored XSS.This issue affects Gmap Point List: from n/a through 1.1.2. -- Nov 12, 2024
CVE-2024-51593 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Glopium Studio ???? ????? UAH allows Stored XSS.This issue affects ???? ????? UAH: from n/a through 2.0. -- Nov 12, 2024
CVE-2024-51592 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in bnayawpguy Meta Store Elements allows DOM-Based XSS.This issue affects Meta Store Elements: from n/a through 1.0.9. -- Nov 12, 2024
CVE-2024-51591 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in wpgrids Slicko allows DOM-Based XSS.This issue affects Slicko: from n/a through 1.2.0. -- Nov 12, 2024
CVE-2024-51590 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Hoosoft Hoo Addons for Elementor allows DOM-Based XSS.This issue affects Hoo Addons for Elementor: from n/a through 1.0.6. -- Nov 12, 2024
CVE-2024-51589 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in wpcirqle Bigmart Elements allows DOM-Based XSS.This issue affects Bigmart Elements: from n/a through 1.0.3. -- Nov 12, 2024
CVE-2024-51588 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Themehat Super Addons for Elementor allows DOM-Based XSS.This issue affects Super Addons for Elementor: from n/a through 1.0. -- Nov 12, 2024
CVE-2024-51587 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in Softfirm Definitive Addons for Elementor allows Stored XSS.This issue affects Definitive Addons for Elementor: from n/a through 1.5.16. -- Nov 12, 2024
CVE-2024-51586 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in BRAFT Elementary Addons allows Stored XSS.This issue affects Elementary Addons: from n/a through 2.0.4. -- Nov 12, 2024
CVE-2024-51585 Improper Neutralization of Input During Web Page Generation (XSS or \'Cross-site Scripting\') vulnerability in NicheAddons Sales Page Addon – Elementor & Beaver Builder allows Stored XSS.This issue affects Sales Page Addon – Elementor & Beaver Builder: from n/a through 1.4.2. -- Nov 12, 2024
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online