Lista CVE - 2024 / Dicembre
Visualizzazione 1901 - 2000 di 3433 CVE per Dicembre 2024 (Pagina 20 di 35)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2024-54297 | 2024-12-13 | WordPress vBSSO-lite plugin <= 1.4.3 - Account Takeover vulnerability |
| CVE-2024-54298 | 2024-12-13 | WordPress Car Dealer plugin <= 4.46 - Broken Access Control vulnerability |
| CVE-2024-54299 | 2024-12-13 | WordPress Revi.io plugin <= 5.7.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54300 | 2024-12-13 | WordPress AutoWP plugin <= 2.0.8 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-54301 | 2024-12-13 | WordPress FormFacade plugin <= 1.3.6 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54302 | 2024-12-13 | WordPress VForm plugin <= 3.0.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54303 | 2024-12-13 | WordPress Simple Payment plugin <= 2.3.7 - Refleceted Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54304 | 2024-12-13 | WordPress Hive Support plugin <= 1.1.2 - SQL Injection vulnerability |
| CVE-2024-54305 | 2024-12-13 | WordPress J&T Express Malaysia plugin <= 2.0.13 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54306 | 2024-12-13 | WordPress AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot plugin <= 1.6.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-54307 | 2024-12-13 | WordPress AIcomments plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-54308 | 2024-12-13 | WordPress Cryptocurrency Price Widget plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54309 | 2024-12-13 | WordPress PostBox plugin <= 1.0.4 - Sensitive Data Exposure vulnerability |
| CVE-2024-54310 | 2024-12-13 | WordPress Gou Manage My Account Menu plugin <= 1.0.1.8 - Broken Access Control vulnerability |
| CVE-2024-54311 | 2024-12-13 | WordPress Mark New Posts plugin <= 7.5.1 - Broken Access Control vulnerability |
| CVE-2024-54312 | 2024-12-13 | WordPress افزونه پیامک ووکامرس Persian WooCommerce SMS plugin <= 7.0.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54313 | 2024-12-13 | WordPress FULL – Cliente plugin <= 3.1.25 - Local File Inclusion vulnerability |
| CVE-2024-54314 | 2024-12-13 | WordPress Primary Addon for Elementor plugin <= 1.6.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54315 | 2024-12-13 | WordPress Events Addon for Elementor plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54316 | 2024-12-13 | WordPress Restaurant & Cafe Addon for Elementor plugin <= 1.5.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54317 | 2024-12-13 | WordPress Web Stories plugin <= 1.37.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54318 | 2024-12-13 | WordPress NiceJob plugin <= 3.6.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54319 | 2024-12-13 | WordPress Kundgenerator plugin <= 1.0.6 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54320 | 2024-12-13 | WordPress ICDSoft Reseller Store plugin<= 2.4.5 -Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54321 | 2024-12-13 | WordPress Hive Support plugin <= 1.1.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-54322 | 2024-12-13 | WordPress Media Downloader plugin <= 0.4.7.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54323 | 2024-12-13 | WordPress New User Approve plugin <= 2.6.2 - Broken Access Control vulnerability |
| CVE-2024-54324 | 2024-12-13 | WordPress SMSify plugin <= 6.0.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54325 | 2024-12-13 | WordPress CarDealerPress plugin <= 6.6.2410.02 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54326 | 2024-12-13 | WordPress GEO my WP plugin <= 4.5.0.4 - Broken Access Control vulnerability |
| CVE-2024-54327 | 2024-12-13 | WordPress UNIVERSAM plugin < 8.59 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54328 | 2024-12-13 | WordPress Invoice Payment for WooCommerce plugin <= 1.7.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54329 | 2024-12-13 | WordPress CleverNode Related Content plugin <= 1.1.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54330 | 2024-12-13 | WordPress Hurrakify plugin <= 2.4 - Server Side Request Forgery (SSRF) vulnerability |
| CVE-2024-54333 | 2024-12-13 | WordPress Check Pincode For Woocommerce plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54334 | 2024-12-13 | WordPress Quran Phrases About Most People Shortcodes plugin <= 1.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54335 | 2024-12-13 | WordPress ImmoToolBox Connect plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54336 | 2024-12-13 | WordPress Projectopia plugin <= 5.1.7 - Account Takeover vulnerability |
| CVE-2024-54337 | 2024-12-13 | WordPress DX Dark Site plugin <= 1.0.1 - CSRF to Stored Cross-Site Scripting vulnerability |
| CVE-2024-54338 | 2024-12-13 | WordPress Hello Event Widgets For Elementor plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54339 | 2024-12-13 | WordPress geoFlickr plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54340 | 2024-12-13 | WordPress Simple Presenter plugin <= 1.5.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54341 | 2024-12-13 | WordPress LabelGrid Tools plugin <= 1.3.58 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54342 | 2024-12-13 | WordPress Staggs plugin <= 2.0.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54343 | 2024-12-13 | WordPress Connect Contact Form 7 to Constant Contact plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54344 | 2024-12-13 | WordPress WP Quick Shop plugin <= 1.3.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54345 | 2024-12-13 | WordPress Bicycleshop theme <= 1.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54346 | 2024-12-13 | WordPress Barter theme <= 1.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54347 | 2024-12-13 | WordPress FloristPress plugin <= 7.2.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54349 | 2024-12-13 | WordPress Plain Post plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-54351 | 2024-12-13 | WordPress Fancy Roller Scroller plugin <= 1.4.0 - CSRF to Stored XSS vulnerability |
| CVE-2024-9945 | 2024-12-13 | Limited Information Disclosure in GoAnywhere MFT Prior to 7.7.0 |
| CVE-2024-54139 | 2024-12-13 | Combodo iTop vulnerable to XSS leading to CSRF breach on _table_id parameter |
| CVE-2024-55661 | 2024-12-13 | Laravel Pulse Allows Remote Code Execution via Unprotected Query Method |
| CVE-2024-55887 | 2024-12-13 | Ucum-java has an XXE vulnerability in XML parsing |
| CVE-2024-46971 | 2024-12-13 | GPU DDK - UAF of memory in PMRUnlockSysPhysAddressesLocalMem for on-demand PMRs on PCI (LMA) systems |
| CVE-2024-47892 | 2024-12-13 | GPU DDK - UAF of kernel memory in PMRUnlockPhysAddressesOSMem for on-demand non-4KB PMRs in system memory (UMA) |
| CVE-2024-55890 | 2024-12-13 | D-Tale allows Remote Code Execution through the Custom Filter Input |
| CVE-2024-55946 | 2024-12-13 | Playloom Engine Data Storage Vulnerability |
| CVE-2024-12552 | 2024-12-13 | Wacom Center WTabletServicePro Link Following Local Privilege Escalation Vulnerability |
| CVE-2024-12553 | 2024-12-13 | GeoVision GV-ASManager Missing Authorization Information Disclosure Vulnerability |
| CVE-2023-29476 | 2024-12-14 | In Menlo On-Premise Appliance before 2.88, web policy may not... |
| CVE-2024-12555 | 2024-12-14 | SIP Calculator <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting |
| CVE-2024-11873 | 2024-12-14 | glomex oEmbed <= 0.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-11889 | 2024-12-14 | My IDX Home Search <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-11867 | 2024-12-14 | Companion Portfolio – Responsive Portfolio Plugin <= 2.4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-11865 | 2024-12-14 | Tabs Maker <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-12578 | 2024-12-14 | Tickera – WordPress Event Ticketing <= 3.5.4.8 - Unauthenticated Customer Data Exposure |
| CVE-2024-11755 | 2024-12-14 | IMS Countdown <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-11751 | 2024-12-14 | TCBD Popover <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-11759 | 2024-12-14 | Bukza <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-11876 | 2024-12-14 | Kredeum NFTs, the easiest way to sell your NFTs directly on your WordPress site <= 1.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-11095 | 2024-12-14 | Visualmodo Elements <= 1.0.2 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload |
| CVE-2024-11770 | 2024-12-14 | Post Carousel & Slider <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-11462 | 2024-12-14 | Filestack Official <= 2.0.0 - Reflected Cross-Site Scripting |
| CVE-2024-11763 | 2024-12-14 | Plezi <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-12517 | 2024-12-14 | WooCommerce Cart Count Shortcode <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-11883 | 2024-12-14 | Connatix Video Embed <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-12448 | 2024-12-14 | Posts and Products Views for WooCommerce <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-12411 | 2024-12-14 | WP Ad Guru – Banner ad, Responsive popup, Popup maker, Ad rotator & More <= 2.5.4 - Reflected Cross-Site Scripting |
| CVE-2024-12458 | 2024-12-14 | Smart PopUp Blaster <= 1.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-12523 | 2024-12-14 | States Map US <= 2.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-12447 | 2024-12-14 | Get Post Content Shortcode <= 0.4 - Insecure Direct Object Reference to Authenticated (Contributor+) Sensitive Information Disclosure via post_content Shortcode |
| CVE-2024-11855 | 2024-12-14 | Koalendar – Events & Appointments Booking Calendar <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via height Parameter |
| CVE-2024-11894 | 2024-12-14 | The Permalinker <= 1.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-12502 | 2024-12-14 | My IDX Home Search <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-11877 | 2024-12-14 | Cricket Live Score <= 2.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-11869 | 2024-12-14 | Buk for WordPress <= 1.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-11888 | 2024-12-14 | IDer Login for WordPress <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-9698 | 2024-12-14 | Crafthemes Demo Import <= 3.3 - Authenticated (Admin+) Arbitrary File Upload in process_uploaded_files |
| CVE-2024-11884 | 2024-12-14 | Wp photo text slider 50 <= 8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-12501 | 2024-12-14 | Simple Locator <= 2.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-10646 | 2024-12-14 | Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.2.6 - Unauthenticated Stored Cross-Site Scripting via Form Subject |
| CVE-2024-10690 | 2024-12-14 | Shortcodes for Elementor <= 1.0.4 - Authenticated (Contributor+) Post Disclosure |
| CVE-2024-12474 | 2024-12-14 | GeoDataSource Country Region DropDown <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-11752 | 2024-12-14 | Eveeno <= 1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-12459 | 2024-12-14 | Ganohrs Toggle Shortcode <= 0.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-12422 | 2024-12-14 | Import Eventbrite Events <= 1.7.4 - Reflected Cross-Site Scripting |
| CVE-2024-12628 | 2024-12-14 | bodi0’s Easy Cache <= 0.8 - Authenticated (Admin+) Stored Cross-Site Scripting |
| CVE-2024-12446 | 2024-12-14 | Post to Pdf <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting |