Aggregator

A vulnerability has been found in dotrex Power Ups for Elementor Plugin up to 1.2.2 on WordPress and classified as problematic. This vulnerability affects the function magic-button of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-13548. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in hk1993 WP Contact Form7 Email Spam Blocker Plugin up to 1.0.0 on WordPress. This affects an unknown part. The manipulation of the argument post leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-13467. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in qchantelnotice SEO Friendly Accordion FAQ with AI Assisted Content Generation Plugin up to 2.2.1 on WordPress. Affected by this issue is the function noticefaq of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-13458. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in jackdewey Bilingual Linker Plugin up to 2.4 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation of the argument bl_otherlang_link_1 leads to cross site scripting. This vulnerability is known as CVE-2024-13441. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in paulrosen ABC Notation Plugin up to 6.1.3 on WordPress. Affected is the function abcjs of the component Shortcode Handler. The manipulation leads to path traversal. This vulnerability is traded as CVE-2024-13550. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Youzify Plugin up to 1.3.2 on WordPress. It has been rated as problematic. This issue affects the function save_addon_key_license. The manipulation leads to missing authorization. The identification of this vulnerability is CVE-2024-13370. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Youzify Plugin up to 1.3.2 on WordPress. It has been declared as problematic. This vulnerability affects the function youzify_offer_banner. The manipulation leads to missing authorization. This vulnerability was named CVE-2024-13368. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in shazahm1hotmailcom Connections Business Directory Plugin up to 10.4.66 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2024-12885. It is possible to initiate the attack remotely. There is no exploit available.

Многоуровневые схемы вывода активов охватили десятки блокчейнов.

A vulnerability was found in coreymcollins Etsy Importer Plugin up to 1.4.2 on WordPress and classified as problematic. Affected by this issue is the function product_link of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-12817. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in mastowkir Notice Board Plugin up to 3.1 on WordPress and classified as problematic. Affected by this vulnerability is the function notice-board of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-12816. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in brodosnet brodos.net Onlineshop Plugin up to 2.0.2 on WordPress. Affected is the function BrodosCategory of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-12529. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in arunbasillal Ask Me Anything Anonymously Plugin up to 1.6 on WordPress. This issue affects the function askmeanythingpeople of the component Shortcode Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-12512. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in sovica Target Video Easy Publish Plugin up to 3.8.3 on WordPress. This vulnerability affects the function resync_carousel/seek_snapshot/uploaded_cc/remove_cc. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-12076. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in broadstreetads Broadstreet Plugin up to 1.50.3 on WordPress. This affects an unknown part. The manipulation of the argument zone leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-11825. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in bitpressadmin Contact Form Plugin up to 2.17.4 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to server-side request forgery. This vulnerability is handled as CVE-2024-13450. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Youzify Plugin up to 1.3.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function delete_user_review/delete_review. The manipulation leads to missing authorization. This vulnerability is known as CVE-2024-12113. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in ibsofts Boom Fest Plugin up to 2.2.1 on WordPress. It has been classified as problematic. Affected is the function bf_admin_action of the component Setting Handler. The manipulation leads to missing authorization. This vulnerability is traded as CVE-2024-13449. It is possible to launch the attack remotely. There is no exploit available.