Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 167607 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2024-32564 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Post Grid Team by WPXPO PostX – Gutenberg Blocks for Post Grid allows Stored XSS.This issue affects PostX – Gutenberg Blocks for Post Grid: from n/a through 4.0.1. -- Apr 18, 2024 n/a
CVE-2024-32563 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in VikBooking Hotel Booking Engine & PMS allows Reflected XSS.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.6.7. -- Apr 18, 2024 n/a
CVE-2024-32562 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Stored XSS.This issue affects Z Y N I T H: from n/a through 7.4.9. -- Apr 18, 2024 n/a
CVE-2024-32561 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Tagembed allows Stored XSS.This issue affects Tagembed: from n/a through 4.7. -- Apr 18, 2024 n/a
CVE-2024-32560 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Sharabindu QR Code Composer allows Stored XSS.This issue affects QR Code Composer: from n/a through 2.0.3. -- Apr 18, 2024 n/a
CVE-2024-32559 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in hwk-fr WP 404 Auto Redirect to Similar Post allows Reflected XSS.This issue affects WP 404 Auto Redirect to Similar Post: from n/a through 1.0.4. -- Apr 18, 2024 n/a
CVE-2024-32558 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in impleCode eCommerce Product Catalog allows Reflected XSS.This issue affects eCommerce Product Catalog: from n/a through 3.3.32. -- Apr 18, 2024 n/a
CVE-2024-32557 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Exclusive Addons Exclusive Addons Elementor allows Stored XSS.This issue affects Exclusive Addons Elementor: from n/a through 2.6.9.2. -- Apr 16, 2024 n/a
CVE-2024-32556 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Nabil Lemsieh HurryTimer allows Stored XSS.This issue affects HurryTimer: from n/a through 2.9.2. -- Apr 18, 2024 n/a
CVE-2024-32554 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Knight Lab Knight Lab Timeline allows Stored XSS.This issue affects Knight Lab Timeline: from n/a through 3.9.3.4. -- Apr 18, 2024 n/a
CVE-2024-32553 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in looks_awesome Superfly Menu allows Stored XSS.This issue affects Superfly Menu: from n/a through 5.0.25. -- Apr 18, 2024 n/a
CVE-2024-32552 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Tagbox Taggbox allows Stored XSS.This issue affects Taggbox: from n/a through 3.2. -- Apr 18, 2024 n/a
CVE-2024-32551 Improper Neutralization of Special Elements used in an SQL Command (\'SQL Injection\') vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager : from n/a through 4.71. -- Apr 18, 2024 n/a
CVE-2024-32550 Cross-Site Request Forgery (CSRF) vulnerability in BMI Adult & Kid Calculator allows Stored XSS.This issue affects BMI Adult & Kid Calculator: from n/a through 1.2.1. -- Apr 17, 2024 n/a
CVE-2024-32549 Cross-Site Request Forgery (CSRF) vulnerability in Microkid Related Posts for WordPress allows Cross-Site Scripting (XSS).This issue affects Related Posts for WordPress: from n/a through 4.0.3. -- Apr 17, 2024 n/a
CVE-2024-32548 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Hideki Tanaka What\'s New Generator allows Stored XSS.This issue affects What\'s New Generator: from n/a through 2.0.2. -- Apr 17, 2024 n/a
CVE-2024-32547 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Max Bond Code Insert Manager (Q2W3 Inc Manager) allows Reflected XSS.This issue affects Code Insert Manager (Q2W3 Inc Manager): from n/a through 2.5.3. -- Apr 17, 2024 n/a
CVE-2024-32546 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Adam Bowen Tax Rate Upload allows Reflected XSS.This issue affects Tax Rate Upload: from n/a through 2.4.5. -- Apr 17, 2024 n/a
CVE-2024-32545 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Canva Canva – Design beautiful blog graphics allows Reflected XSS.This issue affects Canva – Design beautiful blog graphics: from n/a through 1.2.4. -- Apr 17, 2024 n/a
CVE-2024-32544 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Netgsm allows Reflected XSS.This issue affects Netgsm: from n/a through 2.8. -- Apr 17, 2024 n/a
CVE-2024-32543 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Minoji MJ Update History allows Reflected XSS.This issue affects MJ Update History: from n/a through 1.0.4. -- Apr 17, 2024 n/a
CVE-2024-32542 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Organic Themes Bulk Block Converter allows Reflected XSS.This issue affects Bulk Block Converter: from n/a through 1.0.1. -- Apr 17, 2024 n/a
CVE-2024-32541 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Tobias Battenberg WP-Cufon allows Stored XSS.This issue affects WP-Cufon: from n/a through 1.6.10. -- Apr 17, 2024 n/a
CVE-2024-32540 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Web357 Fixed HTML Toolbar allows Stored XSS.This issue affects Fixed HTML Toolbar: from n/a through 1.0.7. -- Apr 17, 2024 n/a
CVE-2024-32539 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in JoomUnited WP File Download Light allows Stored XSS.This issue affects WP File Download Light: from n/a through 1.3.3. -- Apr 17, 2024 n/a
CVE-2024-32538 Cross-Site Request Forgery (CSRF) vulnerability in Joshua Eldridge Easy CountDowner allows Stored XSS.This issue affects Easy CountDowner: from n/a through 1.0.8. -- Apr 17, 2024 n/a
CVE-2024-32536 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Trade Pips WP TradingView allows Stored XSS.This issue affects WP TradingView: from n/a through 1.7. -- Apr 17, 2024 n/a
CVE-2024-32535 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Jojaba Access Category Password allows Reflected XSS.This issue affects Access Category Password: from n/a through 1.5.1. -- Apr 17, 2024 n/a
CVE-2024-32534 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Stored XSS.This issue affects Form Maker by 10Web: from n/a through 1.15.23. -- Apr 17, 2024 n/a
CVE-2024-32533 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Peter Shaw LH Add Media From Url allows Reflected XSS.This issue affects LH Add Media From Url: from n/a through 1.22. -- Apr 17, 2024 n/a
CVE-2024-32532 Missing Authorization vulnerability in SiteGround Speed Optimizer.This issue affects Speed Optimizer: from n/a through 7.4.6. -- Apr 17, 2024 n/a
CVE-2024-32531 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Everest themes GuCherry Blog allows Reflected XSS.This issue affects GuCherry Blog: from n/a through 1.1.8. -- Apr 17, 2024 n/a
CVE-2024-32530 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in PressTigers Simple Testimonials Showcase allows Stored XSS.This issue affects Simple Testimonials Showcase: from n/a through 1.1.5. -- Apr 17, 2024 n/a
CVE-2024-32529 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Momoyoga Yoga Schedule Momoyoga allows Stored XSS.This issue affects Yoga Schedule Momoyoga: from n/a through 2.7.0. -- Apr 17, 2024 n/a
CVE-2024-32528 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Seerox WP Dynamic Keywords Injector allows Reflected XSS.This issue affects WP Dynamic Keywords Injector: from n/a through 2.3.18. -- Apr 17, 2024 n/a
CVE-2024-32527 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Jotform Jotform Online Forms allows Stored XSS.This issue affects Jotform Online Forms: from n/a through 1.3.1. -- Apr 17, 2024 n/a
CVE-2024-32526 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Flector Easy Textillate allows Stored XSS.This issue affects Easy Textillate: from n/a through 2.02. -- Apr 17, 2024 n/a
CVE-2024-32525 Missing Authorization vulnerability in Theme My Login.This issue affects Theme My Login: from n/a through 7.1.6. -- Apr 17, 2024 n/a
CVE-2024-32524 Missing Authorization vulnerability in Nuggethon Custom Order Statuses for WooCommerce.This issue affects Custom Order Statuses for WooCommerce: from n/a through 1.5.2. -- Apr 17, 2024 n/a
CVE-2024-32522 Missing Authorization vulnerability in Jaed Mosharraf & Pluginbazar Team Open Close WooCommerce Store.This issue affects Open Close WooCommerce Store: from n/a through 4.9.1. -- Apr 17, 2024 n/a
CVE-2024-32520 Missing Authorization vulnerability in WPClever WPC Grouped Product for WooCommerce.This issue affects WPC Grouped Product for WooCommerce: from n/a through 4.4.2. -- Apr 17, 2024 n/a
CVE-2024-32519 Missing Authorization vulnerability in GutenGeek GG Woo Feed for WooCommerce.This issue affects GG Woo Feed for WooCommerce: from n/a through 1.2.6. -- Apr 17, 2024 n/a
CVE-2024-32518 Missing Authorization vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 2.0.0. -- Apr 17, 2024 n/a
CVE-2024-32517 Missing Authorization vulnerability in WooCommerce & WordPress Tutorials Custom Thank You Page Customize For WooCommerce by Binary Carpenter.This issue affects Custom Thank You Page Customize For WooCommerce by Binary Carpenter: from n/a through 1.4.12. -- Apr 17, 2024 n/a
CVE-2024-32516 Missing Authorization vulnerability in Palscode Multi Currency For WooCommerce.This issue affects Multi Currency For WooCommerce: from n/a through 1.5.5. -- Apr 17, 2024 n/a
CVE-2024-32515 Missing Authorization vulnerability in Qamar Sheeraz, Nasir Ahmad Mega Addons For Elementor.This issue affects Mega Addons For Elementor: from n/a through 1.8. -- Apr 17, 2024 n/a
CVE-2024-32514 Unrestricted Upload of File with Dangerous Type vulnerability in Poll Maker & Voting Plugin Team (InfoTheme) WP Poll Maker.This issue affects WP Poll Maker: from n/a through 3.4. -- Apr 17, 2024 n/a
CVE-2024-32513 Insertion of Sensitive Information into Log File vulnerability in AdTribes.Io Product Feed PRO for WooCommerce.This issue affects Product Feed PRO for WooCommerce: from n/a through 13.3.1. -- Apr 17, 2024 n/a
CVE-2024-32510 Improper Neutralization of Input During Web Page Generation (\'Cross-site Scripting\') vulnerability in Loopus WP Cost Estimation & Payment Forms Builder allows Reflected XSS.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.75. -- Apr 17, 2024 n/a
CVE-2024-32509 Missing Authorization vulnerability in Loopus WP Cost Estimation & Payment Forms Builder.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.76. -- Apr 17, 2024 n/a
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online