The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2024-29816 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in htdat Woo Viet allows Stored XSS.This issue affects Woo Viet: from n/a through 1.5.2. | -- | Mar 27, 2024 |
| CVE-2024-29815 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Aminur Islam WP Change Email Sender allows Stored XSS.This issue affects WP Change Email Sender: from n/a before 1.3.0. | -- | Mar 27, 2024 |
| CVE-2024-29814 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in CurrencyRate.Today Exchange Rates Widget allows Stored XSS.This issue affects Exchange Rates Widget: from n/a through 1.4.0. | -- | Mar 27, 2024 |
| CVE-2024-29813 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in CartFlows Inc. Funnel Builder by CartFlows allows Stored XSS.This issue affects Funnel Builder by CartFlows: from n/a through 2.0.1. | -- | Mar 27, 2024 |
| CVE-2024-29812 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in ReviewX allows Stored XSS.This issue affects ReviewX: from n/a through 1.6.22. | -- | Mar 27, 2024 |
| CVE-2024-29811 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in SoftLab Radio Player allows Stored XSS.This issue affects Radio Player: from n/a through 2.0.73. | -- | Mar 27, 2024 |
| CVE-2024-29807 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in DearHive DearFlip allows Stored XSS.This issue affects DearFlip: from n/a through 2.2.26. | -- | Mar 27, 2024 |
| CVE-2024-29806 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Reservation Diary ReDi Restaurant Reservation allows Reflected XSS.This issue affects ReDi Restaurant Reservation: from n/a through 24.0128. | -- | Mar 27, 2024 |
| CVE-2024-29805 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in ShopUp Shipping with Venipak for WooCommerce allows Reflected XSS.This issue affects Shipping with Venipak for WooCommerce: from n/a through 1.19.5. | -- | Mar 27, 2024 |
| CVE-2024-29804 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Team Heateor Fancy Comments WordPress allows Stored XSS.This issue affects Fancy Comments WordPress: from n/a through 1.2.14. | -- | Mar 27, 2024 |
| CVE-2024-29803 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Mehanoid.Pro FlatPM allows Stored XSS.This issue affects FlatPM: from n/a before 3.1.05. | -- | Mar 27, 2024 |
| CVE-2024-29802 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Antoine Hurkmans Football Pool allows Stored XSS.This issue affects Football Pool: from n/a through 2.11.3. | -- | Mar 27, 2024 |
| CVE-2024-29801 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Petri Damstén Fullscreen Galleria allows Stored XSS.This issue affects Fullscreen Galleria: from n/a through 1.6.11. | -- | Mar 27, 2024 |
| CVE-2024-29799 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Epsiloncool WP Fast Total Search allows Stored XSS.This issue affects WP Fast Total Search: from n/a through 1.59.211. | -- | Mar 27, 2024 |
| CVE-2024-29798 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Appsmav Gratisfaction allows Stored XSS.This issue affects Gratisfaction: from n/a through 4.3.4. | -- | Mar 27, 2024 |
| CVE-2024-29797 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WP Darko Grid Shortcodes allows Stored XSS.This issue affects Grid Shortcodes: from n/a through 1.1. | -- | Mar 27, 2024 |
| CVE-2024-29796 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Hot Themes Hot Random Image allows Stored XSS.This issue affects Hot Random Image: from n/a through 1.8.1. | -- | Mar 27, 2024 |
| CVE-2024-29795 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Interfacelab Media Cloud for Amazon S3, Imgix, Google Cloud Storage, DigitalOcean Spaces and more allows Stored XSS.This issue affects Media Cloud for Amazon S3, Imgix, Google Cloud Storage, DigitalOcean Spaces and more: from n/a through 4.5.24. | -- | Mar 27, 2024 |
| CVE-2024-29794 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Conversios Conversios.Io allows Reflected XSS.This issue affects Conversios.Io: from n/a through 6.9.1. | -- | Mar 27, 2024 |
| CVE-2024-29793 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in MailMunch MailChimp Forms by MailMunch allows Stored XSS.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.2. | -- | Mar 27, 2024 |
| CVE-2024-29792 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Reflected XSS.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.93. | -- | Mar 27, 2024 |
| CVE-2024-29791 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Reflected XSS.This issue affects Bulk NoIndex & NoFollow Toolkit: from n/a through 2.01. | -- | Mar 27, 2024 |
| CVE-2024-29790 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Squirrly SEO Plugin by Squirrly SEO allows Reflected XSS.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.3.16. | -- | Mar 27, 2024 |
| CVE-2024-29789 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Walter Pinem OneClick Chat to Order allows Stored XSS.This issue affects OneClick Chat to Order: from n/a through 1.0.5. | -- | Mar 27, 2024 |
| CVE-2024-29788 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Podlove Podlove Web Player allows Stored XSS.This issue affects Podlove Web Player: from n/a through 5.7.1. | -- | Mar 27, 2024 |
| CVE-2024-29777 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WPMU DEV Forminator allows Reflected XSS.This issue affects Forminator: from n/a through 1.29.0. | -- | Mar 27, 2024 |
| CVE-2024-29776 | Cross Site Scripting (XSS) vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n/a through 3.3.9. | -- | Mar 27, 2024 |
| CVE-2024-29775 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in vinoth06. Frontend Dashboard allows Stored XSS.This issue affects Frontend Dashboard: from n/a through 2.2.1. | -- | Mar 27, 2024 |
| CVE-2024-29774 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WpDirectoryKit WP Directory Kit allows Reflected XSS.This issue affects WP Directory Kit: from n/a through 1.2.9. | -- | Mar 27, 2024 |
| CVE-2024-29773 | Cross-Site Request Forgery (CSRF) vulnerability in BizSwoop a CPF Concepts, LLC Brand BizPrint allows Cross-Site Scripting (XSS).This issue affects BizPrint: from n/a through 4.5.5. | -- | Mar 27, 2024 |
| CVE-2024-29772 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Stormhill Media MyBookTable Bookstore allows Stored XSS.This issue affects MyBookTable Bookstore: from n/a through 3.3.7. | -- | Mar 27, 2024 |
| CVE-2024-29771 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in SoftLab Dracula Dark Mode - The Revolutionary Dark Mode Plugin For WordPress allows Stored XSS.This issue affects Dracula Dark Mode - The Revolutionary Dark Mode Plugin For WordPress: from n/a through 1.0.8. | -- | Mar 27, 2024 |
| CVE-2024-29770 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Pretty Links Shortlinks by Pretty Links allows Reflected XSS.This issue affects Shortlinks by Pretty Links: from n/a through 3.6.2. | -- | Mar 27, 2024 |
| CVE-2024-29769 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Portfolio Gallery – Image Gallery Plugin allows Stored XSS.This issue affects Portfolio Gallery – Image Gallery Plugin: from n/a through 1.5.6. | -- | Mar 27, 2024 |
| CVE-2024-29768 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Brainstorm Force Astra allows Stored XSS.This issue affects Astra: from n/a through 4.6.4. | -- | Mar 27, 2024 |
| CVE-2024-29767 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Wobbie.Nl Doneren met Mollie allows Reflected XSS.This issue affects Doneren met Mollie: from n/a through 2.10.2. | -- | Mar 27, 2024 |
| CVE-2024-29766 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in StreamWeasels StreamWeasels Twitch Integration allows Stored XSS.This issue affects StreamWeasels Twitch Integration: from n/a through 1.7.5. | -- | Mar 27, 2024 |
| CVE-2024-29765 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Alireza Sedghi Aparat for WordPress allows Stored XSS.This issue affects Aparat for WordPress: from n/a through 2.2.0. | -- | Mar 27, 2024 |
| CVE-2024-29764 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Molongui allows Stored XSS.This issue affects Molongui: from n/a through 4.7.7. | -- | Mar 27, 2024 |
| CVE-2024-29763 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Reflected XSS.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3. | -- | Mar 27, 2024 |
| CVE-2024-29762 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) allows Stored XSS.This issue affects Off-Canvas Sidebars & Menus (Slidebars): from n/a through 0.5.8.1. | -- | Mar 27, 2024 |
| CVE-2024-29761 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Krunal Prajapati WP Post Disclaimer allows Stored XSS.This issue affects WP Post Disclaimer: from n/a through 1.0.3. | -- | Mar 27, 2024 |
| CVE-2024-29760 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Pluggabl LLC Booster for WooCommerce allows Reflected XSS.This issue affects Booster for WooCommerce: from n/a through 7.1.7. | -- | Mar 27, 2024 |
| CVE-2024-29759 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in CodePeople Calculated Fields Form allows Reflected XSS.This issue affects Calculated Fields Form: from n/a through 1.2.54. | -- | Mar 27, 2024 |
| CVE-2024-29758 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Kienso Co-marquage service-public.Fr allows Reflected XSS.This issue affects Co-marquage service-public.Fr: from n/a through 0.5.72. | -- | Mar 27, 2024 |
| CVE-2024-29489 | Jerryscript 2.4.0 has SEGV at ./jerry-core/ecma/base/ecma-helpers.c:238:58 in ecma_get_object_type. | -- | Mar 28, 2024 |
| CVE-2024-29316 | NodeBB 3.6.7 is vulnerable to Incorrect Access Control, e.g., a low-privileged attacker can access the restricted tabs for the Admin group via isadmin:true. | -- | Mar 28, 2024 |
| CVE-2024-29241 | Missing authorization vulnerability in System webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to bypass security constraints via unspecified vectors. | -- | Mar 28, 2024 |
| CVE-2024-29240 | Missing authorization vulnerability in LayoutSave webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to conduct denial-of-service attacks via unspecified vectors. | -- | Mar 28, 2024 |
| CVE-2024-29239 | Improper neutralization of special elements used in an SQL command (\'SQL Injection\') vulnerability in Recording.CountByCategory webapi component in Synology Surveillance Station before 9.2.0-11289 and 9.2.0-9289 allows remote authenticated users to inject SQL commands via unspecified vectors. | -- | Mar 28, 2024 |
