The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2024-31373 | Cross-Site Request Forgery (CSRF) vulnerability in E2Pdf.This issue affects e2pdf: from n/a through 1.20.27. | -- | Apr 15, 2024 |
CVE-2024-31372 | Cross-Site Request Forgery (CSRF) vulnerability in Arnan de Gans No-Bot Registration.This issue affects No-Bot Registration: from n/a through 1.9.1. | -- | Apr 12, 2024 |
CVE-2024-31371 | Cross-Site Request Forgery (CSRF) vulnerability in Xylus Themes WP Event Aggregator.This issue affects WP Event Aggregator: from n/a through 1.7.6. | -- | Apr 12, 2024 |
CVE-2024-31370 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in CodeIsAwesome AIKit.This issue affects AIKit: from n/a through 4.14.1. | -- | Apr 9, 2024 |
CVE-2024-31369 | Cross-Site Request Forgery (CSRF) vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2. | -- | Apr 9, 2024 |
CVE-2024-31368 | Missing Authorization vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2. | -- | Apr 9, 2024 |
CVE-2024-31367 | Missing Authorization vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2. | -- | Apr 9, 2024 |
CVE-2024-31366 | Missing Authorization vulnerability in Themify Post Type Builder (PTB).This issue affects Post Type Builder (PTB): from n/a through 2.0.8. | -- | Apr 9, 2024 |
CVE-2024-31365 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Themify Post Type Builder (PTB) allows Reflected XSS.This issue affects Post Type Builder (PTB): from n/a through 2.0.8. | -- | Apr 9, 2024 |
CVE-2024-31364 | Cross-Site Request Forgery (CSRF) vulnerability in ELEXtensions ELEX WooCommerce Dynamic Pricing and Discounts.This issue affects ELEX WooCommerce Dynamic Pricing and Discounts: from n/a through 2.1.2. | -- | Apr 15, 2024 |
CVE-2024-31363 | Cross-Site Request Forgery (CSRF) vulnerability in LifterLMS.This issue affects LifterLMS: from n/a through 7.5.0. | -- | Apr 15, 2024 |
CVE-2024-31362 | Cross-Site Request Forgery (CSRF) vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8. | -- | Apr 15, 2024 |
CVE-2024-31361 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in bunny.Net allows Stored XSS.This issue affects bunny.Net: from n/a through 2.0.1. | -- | Apr 11, 2024 |
CVE-2024-31360 | Cross-Site Request Forgery (CSRF) vulnerability in Coded Commerce, LLC Benchmark Email Lite.This issue affects Benchmark Email Lite: from n/a through 4.1. | -- | Apr 15, 2024 |
CVE-2024-31358 | Missing Authorization vulnerability in Saleswonder.Biz 5 Stars Rating Funnel.This issue affects 5 Stars Rating Funnel: from n/a through 1.2.67. | -- | Apr 10, 2024 |
CVE-2024-31357 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through 1.5.2. | -- | Apr 8, 2024 |
CVE-2024-31356 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Solwin Infotech User Activity Log.This issue affects User Activity Log: from n/a through 1.8. | -- | Apr 10, 2024 |
CVE-2024-31355 | Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8. | -- | Apr 10, 2024 |
CVE-2024-31354 | Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8. | -- | Apr 15, 2024 |
CVE-2024-31353 | Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8. | -- | Apr 10, 2024 |
CVE-2024-31349 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in MailMunch MailMunch – Grow your Email List allows Stored XSS.This issue affects MailMunch – Grow your Email List: from n/a through 3.1.6. | -- | Apr 8, 2024 |
CVE-2024-31348 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Themepoints Testimonials allows Stored XSS.This issue affects Testimonials: from n/a through 3.0.5. | -- | Apr 8, 2024 |
CVE-2024-31346 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Blocksmarket Gradient Text Widget for Elementor allows Stored XSS.This issue affects Gradient Text Widget for Elementor: from n/a through 1.0.1. | -- | Apr 8, 2024 |
CVE-2024-31345 | Unrestricted Upload of File with Dangerous Type vulnerability in Sukhchain Singh Auto Poster.This issue affects Auto Poster: from n/a through 1.2. | -- | Apr 8, 2024 |
CVE-2024-31344 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Phpbits Creative Studio Easy Login Styler – White Label Admin Login Page for WordPress allows Stored XSS.This issue affects Easy Login Styler – White Label Admin Login Page for WordPress: from n/a through 1.0.6. | -- | Apr 8, 2024 |
CVE-2024-31343 | Missing Authorization vulnerability in Sonaar Music MP3 Audio Player for Music, Radio & Podcast by Sonaar.This issue affects MP3 Audio Player for Music, Radio & Podcast by Sonaar: from n/a through 4.10.1. | -- | Apr 10, 2024 |
CVE-2024-31342 | Missing Authorization vulnerability in WPcloudgallery WordPress Gallery Exporter.This issue affects WordPress Gallery Exporter: from n/a through 1.3. | -- | Apr 10, 2024 |
CVE-2024-31309 | HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2.3 are affected. Users can set a new setting (proxy.config.http2.max_continuation_frames_per_minute) to limit the number of CONTINUATION frames per minute. ATS does have a fixed amount of memory a request can use and ATS adheres to these limits in previous releases. Users are recommended to upgrade to versions 8.1.10 or 9.2.4 which fixes the issue. | -- | Apr 10, 2024 |
CVE-2024-31308 | Deserialization of Untrusted Data vulnerability in VJInfotech WP Import Export Lite.This issue affects WP Import Export Lite: from n/a through 3.9.26. | -- | Apr 8, 2024 |
CVE-2024-31306 | Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Stored XSS.This issue affects Essential Blocks for Gutenberg: from n/a through 4.5.3. | -- | Apr 8, 2024 |
CVE-2024-31305 | Cross-Site Request Forgery (CSRF) vulnerability in rtCamp Transcoder.This issue affects Transcoder: from n/a through 1.3.5. | -- | Apr 15, 2024 |
CVE-2024-31303 | Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign-up Sheets.This issue affects Sign-up Sheets: from n/a through 2.2.11.1. | -- | Apr 15, 2024 |
CVE-2024-31302 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodePeople Contact Form Email.This issue affects Contact Form Email: from n/a through 1.3.44. | -- | Apr 10, 2024 |
CVE-2024-31301 | Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple Page Generator Plugin – MPG.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0. | -- | Apr 15, 2024 |
CVE-2024-31299 | Cross-Site Request Forgery (CSRF) vulnerability in Reservation Diary ReDi Restaurant Reservation allows Cross-Site Scripting (XSS).This issue affects ReDi Restaurant Reservation: from n/a through 24.0128. | -- | Apr 10, 2024 |
CVE-2024-31298 | Insertion of Sensitive Information into Log File vulnerability in Joel Hardi User Spam Remover.This issue affects User Spam Remover: from n/a through 1.0. | -- | Apr 10, 2024 |
CVE-2024-31297 | Missing Authorization vulnerability in WPExperts Wholesale For WooCommerce.This issue affects Wholesale For WooCommerce: from n/a through 2.3.0. | -- | Apr 10, 2024 |
CVE-2024-31296 | Authorization Bypass Through User-Controlled Key vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.81. | -- | Apr 8, 2024 |
CVE-2024-31293 | Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.6. | -- | Apr 15, 2024 |
CVE-2024-31292 | Unrestricted Upload of File with Dangerous Type vulnerability in Moove Agency Import XML and RSS Feeds.This issue affects Import XML and RSS Feeds: from n/a through 2.1.5. | -- | Apr 8, 2024 |
CVE-2024-31291 | Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.6. | -- | Apr 8, 2024 |
CVE-2024-31289 | Cross-Site Request Forgery (CSRF) vulnerability in Elementor Hello Elementor.This issue affects Hello Elementor: from n/a through 3.0.0. | -- | Apr 15, 2024 |
CVE-2024-31288 | Server-Side Request Forgery (SSRF) vulnerability in RapidLoad RapidLoad Power-Up for Autoptimize.This issue affects RapidLoad Power-Up for Autoptimize: from n/a through 2.2.11. | -- | Apr 8, 2024 |
CVE-2024-31287 | Improper Limitation of a Pathname to a Restricted Directory (\'Path Traversal\') vulnerability in Max Foundry Media Library Folders.This issue affects Media Library Folders: from n/a through 8.1.8. | -- | Apr 10, 2024 |
CVE-2024-31286 | Unrestricted Upload of File with Dangerous Type vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a before 8.6.03.005. | -- | Apr 8, 2024 |
CVE-2024-31285 | Cross-Site Request Forgery (CSRF) vulnerability in Tooltip WordPress Tooltips allows Stored XSS.This issue affects WordPress Tooltips: from n/a through 9.5.3. | -- | Apr 11, 2024 |
CVE-2024-31282 | URL Redirection to Untrusted Site (\'Open Redirect\') vulnerability in Appcheap.Io App Builder.This issue affects App Builder: from n/a through 3.8.7. | -- | Apr 10, 2024 |
CVE-2024-31280 | Unrestricted Upload of File with Dangerous Type vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.1.5. | -- | Apr 8, 2024 |
CVE-2024-31279 | Cross-Site Request Forgery (CSRF) vulnerability in Catch Plugins Generate Child Theme.This issue affects Generate Child Theme: from n/a through 2.0. | -- | Apr 15, 2024 |
CVE-2024-31278 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons for Elementor.This issue affects Premium Addons for Elementor: from n/a through 4.10.22. | -- | Apr 10, 2024 |