The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2024-30486 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Max Foundry Media Library Folders.This issue affects Media Library Folders: from n/a through 8.1.7. | -- | Apr 1, 2024 |
| CVE-2024-30483 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Simple Sponsorships Sponsors allows Stored XSS.This issue affects Sponsors: from n/a through 3.5.1. | -- | Mar 29, 2024 |
| CVE-2024-30482 | Cross-Site Request Forgery (CSRF) vulnerability in Brice CAPOBIANCO Simple Revisions Delete.This issue affects Simple Revisions Delete: from n/a through 1.5.3. | -- | Apr 1, 2024 |
| CVE-2024-30478 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Bulletin WordPress Announcement & Notification Banner Plugin – Bulletin.This issue affects WordPress Announcement & Notification Banner Plugin – Bulletin: from n/a through 3.8.5. | -- | Apr 1, 2024 |
| CVE-2024-30477 | Missing Authorization vulnerability in Klarna Klarna Payments for WooCommerce.This issue affects Klarna Payments for WooCommerce: from n/a through 3.2.4. | -- | Apr 1, 2024 |
| CVE-2024-30469 | Missing Authorization vulnerability in WPExperts Wholesale For WooCommerce.This issue affects Wholesale For WooCommerce: from n/a through 2.3.0. | -- | Apr 1, 2024 |
| CVE-2024-30468 | Cross-Site Request Forgery (CSRF) vulnerability in All In One WP Security & Firewall Team All In One WP Security & Firewall.This issue affects All In One WP Security & Firewall: from n/a through 5.2.6. | -- | Apr 1, 2024 |
| CVE-2024-30463 | Missing Authorization vulnerability in realmag777 BEAR.This issue affects BEAR: from n/a through 1.1.4.3. | -- | Apr 1, 2024 |
| CVE-2024-30462 | Cross-Site Request Forgery (CSRF) vulnerability in realmag777 HUSKY – Products Filter for WooCommerce (formerly WOOF).This issue affects HUSKY – Products Filter for WooCommerce (formerly WOOF): from n/a through 1.3.5.1. | -- | Apr 1, 2024 |
| CVE-2024-30460 | Cross-Site Request Forgery (CSRF) vulnerability in Tumult Inc Tumult Hype Animations.This issue affects Tumult Hype Animations: from n/a through 1.9.11. | -- | Apr 1, 2024 |
| CVE-2024-30458 | Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOOCS – WooCommerce Currency Switcher.This issue affects WOOCS – WooCommerce Currency Switcher: from n/a through 1.4.1.7. | -- | Mar 29, 2024 |
| CVE-2024-30457 | Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF).This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.3.3.1. | -- | Mar 29, 2024 |
| CVE-2024-30456 | Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WPCS.This issue affects WPCS: from n/a through 1.2.0.1. | -- | Mar 29, 2024 |
| CVE-2024-30455 | Cross-Site Request Forgery (CSRF) vulnerability in GamiPress.This issue affects GamiPress: from n/a through 6.8.5. | -- | Apr 1, 2024 |
| CVE-2024-30454 | Cross-Site Request Forgery (CSRF) vulnerability in VeronaLabs WP SMS.This issue affects WP SMS: from n/a through 6.6.2. | -- | Apr 1, 2024 |
| CVE-2024-30453 | Server-Side Request Forgery (SSRF) vulnerability in Brave Brave Popup Builder.This issue affects Brave Popup Builder: from n/a through 0.6.5. | -- | Apr 1, 2024 |
| CVE-2024-30452 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in PluginOps Landing Page Builder allows Stored XSS.This issue affects Landing Page Builder: from n/a through 1.5.1.7. | -- | Apr 1, 2024 |
| CVE-2024-30451 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in INFINITUM FORM Geo Controller allows Stored XSS.This issue affects Geo Controller: from n/a through 8.6.4. | -- | Apr 1, 2024 |
| CVE-2024-30450 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Step-Byte-Service GmbH OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) allows Stored XSS.This issue affects OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer): from n/a through 1.1.1. | -- | Apr 1, 2024 |
| CVE-2024-30449 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Booking Activities Team Booking Activities allows Reflected XSS.This issue affects Booking Activities: from n/a through 1.15.19. | -- | Apr 1, 2024 |
| CVE-2024-30448 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Supsystic Slider by Supsystic allows Stored XSS.This issue affects Slider by Supsystic: from n/a through 1.8.10. | -- | Apr 1, 2024 |
| CVE-2024-30447 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Creative Solutions Creative Image Slider – Responsive Slider Plugin allows Reflected XSS.This issue affects Creative Image Slider – Responsive Slider Plugin: from n/a through 2.1.3. | -- | Apr 1, 2024 |
| CVE-2024-30446 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in CRM Perks CRM Perks Forms allows Stored XSS.This issue affects CRM Perks Forms: from n/a through 1.1.4. | -- | Apr 1, 2024 |
| CVE-2024-30445 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in GhozyLab, Inc. Web Icons allows Stored XSS.This issue affects Web Icons: from n/a through 1.0.0.10. | -- | Apr 1, 2024 |
| CVE-2024-30444 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in zionbuilder.Io WordPress Page Builder – Zion Builder allows Stored XSS.This issue affects WordPress Page Builder – Zion Builder: from n/a through 3.6.9. | -- | Apr 1, 2024 |
| CVE-2024-30443 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in GS Plugins GS Testimonial Slider allows Stored XSS.This issue affects GS Testimonial Slider: from n/a through 3.1.4. | -- | Apr 1, 2024 |
| CVE-2024-30442 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 4.8.0. | -- | Apr 1, 2024 |
| CVE-2024-30441 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in PickPlugins Post Grid allows Reflected XSS.This issue affects Post Grid: from n/a through 2.2.74. | -- | Apr 1, 2024 |
| CVE-2024-30440 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Themify Themify Event Post allows Stored XSS.This issue affects Themify Event Post: from n/a through 1.2.7. | -- | Apr 1, 2024 |
| CVE-2024-30439 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in BestWebSoft Limit Attempts by BestWebSoft allows Reflected XSS.This issue affects Limit Attempts by BestWebSoft: from n/a through 1.2.9. | -- | Apr 1, 2024 |
| CVE-2024-30438 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in bPlugins Print Page block allows Stored XSS.This issue affects Print Page block: from n/a through 1.0.8. | -- | Apr 1, 2024 |
| CVE-2024-30437 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WPPOOL Webinar and Video Conference with Jitsi Meet allows Stored XSS.This issue affects Webinar and Video Conference with Jitsi Meet: from n/a through 2.6.3. | -- | Apr 1, 2024 |
| CVE-2024-30436 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Collect.Chat Inc. Collectchat allows Stored XSS.This issue affects Collectchat: from n/a through 2.4.1. | -- | Apr 1, 2024 |
| CVE-2024-30435 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in POSIMYTH The Plus Blocks for Block Editor | Gutenberg allows Reflected XSS.This issue affects The Plus Blocks for Block Editor | Gutenberg: from n/a through 3.2.5. | -- | Apr 1, 2024 |
| CVE-2024-30434 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WP-CRM System allows Stored XSS.This issue affects WP-CRM System: from n/a through 3.2.9. | -- | Apr 1, 2024 |
| CVE-2024-30433 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in MultiVendorX WC Marketplace allows Stored XSS.This issue affects WC Marketplace: from n/a through 4.1.3. | -- | Apr 1, 2024 |
| CVE-2024-30432 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in bPlugins B Slider - Slider for your block editor allows Stored XSS.This issue affects B Slider - Slider for your block editor: from n/a through 1.1.12. | -- | Apr 1, 2024 |
| CVE-2024-30431 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Hometory Mang Board WP allows Reflected XSS.This issue affects Mang Board WP: from n/a through 1.8.0. | -- | Apr 1, 2024 |
| CVE-2024-30430 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WP Email Newsletter Team - FluentCRM Fluent CRM allows Stored XSS.This issue affects Fluent CRM: from n/a through 2.8.44. | -- | Apr 1, 2024 |
| CVE-2024-30429 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Hans Matzen allows Stored XSS.This issue affects wp-forecast: from n/a through 9.2. | -- | Apr 1, 2024 |
| CVE-2024-30428 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Contest Gallery allows Reflected XSS.This issue affects Contest Gallery: from n/a through 21.3.5. | -- | Apr 1, 2024 |
| CVE-2024-30427 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Spiffy Plugins Spiffy Calendar allows Reflected XSS.This issue affects Spiffy Calendar: from n/a through 4.9.7. | -- | Apr 1, 2024 |
| CVE-2024-30426 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in HashThemes Hash Elements allows Stored XSS.This issue affects Hash Elements: from n/a through 1.3.3. | -- | Apr 1, 2024 |
| CVE-2024-30425 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in The Beaver Builder Team Beaver Builder allows Stored XSS.This issue affects Beaver Builder: from n/a through 2.7.4.4. | -- | Apr 1, 2024 |
| CVE-2024-30423 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in BetterAddons Better Elementor Addons allows Stored XSS.This issue affects Better Elementor Addons: from n/a through 1.3.7. | -- | Apr 1, 2024 |
| CVE-2024-30422 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WPVibes Elementor Addon Elements allows Stored XSS.This issue affects Elementor Addon Elements: from n/a through 1.13.1. | -- | Mar 28, 2024 |
| CVE-2024-30421 | Cross-Site Request Forgery (CSRF) vulnerability in Pixelite Events Manager.This issue affects Events Manager: from n/a through 6.4.7.1. | -- | Mar 28, 2024 |
| CVE-2024-30418 | Vulnerability of insufficient permission verification in the app management module. Impact: Successful exploitation of this vulnerability will affect availability. | -- | Apr 8, 2024 |
| CVE-2024-30417 | Path traversal vulnerability in the Bluetooth-based sharing module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | -- | Apr 8, 2024 |
| CVE-2024-30416 | Use After Free (UAF) vulnerability in the underlying driver module. Impact: Successful exploitation of this vulnerability will affect availability. | -- | Apr 8, 2024 |
