Medium
CVE-2024-53787
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M A Vinoth Kumar Random Banner random-banner allows Stored XSS.This issue affects Random Banner:…
Tag: Stored XSS
All CVEs associated with "Stored XSS". Page 22/45 • 5376 CVEs.
Subscribe CVEs: RSS for “Stored XSS” · RSS (High+Critical only)
About “Stored XSS”
A curated feed of “Stored XSS”-related CVEs appears below. We currently track 5376 CVEs for this tag (all time). In the last 365 days, 1195 were published. Average CVSS is 6.2 (all time; 6.4 over 365d), and 18% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), CWE-352 - Cross-Site Request Forgery (CSRF), CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS).
In our taxonomy this topic maps to a MODERATE impact class. Common exploitation patterns for this weakness can lead to moderate. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2024-11-30
2024-11-28
Medium
CVE-2024-53731
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fintelligence Fintelligence Calculator fintelligence-calculator allows Stored XSS.This issue affe…
Medium
CVE-2024-53737
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandtoss WP Mailster wp-mailster allows Stored XSS.This issue affects WP Mailster: from n/a thro…
High
CVE-2024-53736
Cross-Site Request Forgery (CSRF) vulnerability in Jason Grim Custom Shortcode Sidebars custom-shortcode-sidebars allows Stored XSS.This issue affects Custom Shortcode Sidebars: from n/a through <= 1…
High
CVE-2024-53734
Cross-Site Request Forgery (CSRF) vulnerability in Jamie O Idealien Category Enhancements idealien-category-enhancements allows Stored XSS.This issue affects Idealien Category Enhancements: from n/a…
High
CVE-2024-53733
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in harshtohit111 Fence URL fence-url allows Stored XSS.This issue affects Fence URL: from n/a throug…
High
CVE-2024-53732
Cross-Site Request Forgery (CSRF) vulnerability in wpwox Footer Flyout Widget footer-flyout-widget allows Stored XSS.This issue affects Footer Flyout Widget: from n/a through <= 1.1.
Medium
CVE-2024-52283
Missing sanitation of inputs allowed arbitrary users to conduct a stored XSS attack that triggers for users that view a certain project
2024-11-25
Medium
CVE-2024-53930
WikiDocs before 1.0.65 allows stored XSS by authenticated users via data that comes after $$\\, which is mishandled by a KaTeX parser.
2024-11-22
Medium
CVE-2024-47863
An issue was discovered in Centreon Web 24.10.x before 24.10.0, 24.04.x before 24.04.8, 23.10.x before 23.10.18, 23.04.x before 23.04.23, and 22.10.x before 22.10.26. A stored XSS was found in the us…
2024-11-21
Medium
CVE-2024-7016
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Smarttek Informatics Smart Doctor's allows Stored XSS required admin privileges. This iss…
Medium
CVE-2024-5029
The CM Table Of Contents WordPress plugin before 1.2.4 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logge…
2024-11-20
Medium
CVE-2024-11406
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in django CMS Association django CMS Attributes Fields allows Stored XSS. This issue affects…
Medium
CVE-2024-11404
Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in django CMS Association django Filer allows Input Data M…
Low
CVE-2024-10515
In the process of testing the SEO Plugin by Squirrly SEO WordPress plugin before 12.3.21, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malici…
2024-11-19
Medium
CVE-2024-30424
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM Beaver Builder Addons by WPZOOM wpzoom-addons-for-beaver-builder allows Stored XSS.This is…
Medium
CVE-2023-27609
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NetTantra WP Roles at Registration allows Stored XSS.This issue affects WP Roles at Regist…
Medium
CVE-2024-50430
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Stored XSS.This issue affects Be…
High
CVE-2024-52421
Cross-Site Request Forgery (CSRF) vulnerability in wp-buy WP Popup Window Maker easy-popup-lightbox-maker allows Stored XSS.This issue affects WP Popup Window Maker: from n/a through <= 2.0.
High
CVE-2024-52388
Cross-Site Request Forgery (CSRF) vulnerability in mikeage Hebrew Date hebrewdates allows Stored XSS.This issue affects Hebrew Date: from n/a through <= 2.1.0.
Medium
CVE-2024-51936
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eSparkBiz ESB Testimonials esb-testimonials allows Stored XSS.This issue affects ESB Testimonials…
Medium
CVE-2024-51930
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IronFeet Custom URL Shortener custom-url-shorter allows Stored XSS.This issue affects Custom URL…
Medium
CVE-2024-51926
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsoul GreenCon greencon allows Stored XSS.This issue affects GreenCon: from n/a through <= 1.0.1.
Medium
CVE-2024-51925
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sazzad Testimonial Slider Shortcode testimonial-slider-shortcode allows Stored XSS.This issue aff…
Medium
CVE-2024-51924
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in alexandremagno WP Agenda wp-agenda allows Stored XSS.This issue affects WP Agenda: from n/a throu…
Medium
CVE-2024-51923
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Websand Websand Subscription Form websand-subscription-form allows Stored XSS.This issue affects…
Medium
CVE-2024-51922
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maruf Arafat VP Sitemap vp-sitemap allows Stored XSS.This issue affects VP Sitemap: from n/a thro…
Medium
CVE-2024-51917
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lequanghuylc Multiple Votes in one page multiple-votes-in-one-page allows Stored XSS.This issue a…
Medium
CVE-2024-51913
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mapme Mapme mapme allows Stored XSS.This issue affects Mapme: from n/a through <= 1.3.2.
Medium
CVE-2024-51907
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codemenschen WP Virtual Room Configurator configure-conference-room allows Stored XSS.This issue…
Medium
CVE-2024-51905
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ravi Kumar Vanukuru RSV PDF Preview rsv-pdf-preview allows Stored XSS.This issue affects RSV PDF…
Medium
CVE-2024-51904
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joan Boluda Embed documents shortcode embed-documents-shortcode allows Stored XSS.This issue affe…
Medium
CVE-2024-51903
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brandon Hubbard WP Listings Pro wp-listings-pro allows Stored XSS.This issue affects WP Listings…
Medium
CVE-2024-51902
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cybio TinyCode tinycode allows Stored XSS.This issue affects TinyCode: from n/a through <= 1.2.1.
Medium
CVE-2024-51901
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wojciechborowicz Smooth Maps colour-smooth-maps allows Stored XSS.This issue affects Smooth Maps:…
Medium
CVE-2024-51899
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in seothemes Simple Pricing Table simple-pricing-table allows Stored XSS.This issue affects Simple P…
Medium
CVE-2024-51898
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sachin8600 Semantic Shortcode semantic-shortcode allows Stored XSS.This issue affects Semantic Sh…
Medium
CVE-2024-51897
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Erik Saulnier News Articles news-articles allows Stored XSS.This issue affects News Articles: fro…
Medium
CVE-2024-51896
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webvitaly Magic Slider magic-slider allows Stored XSS.This issue affects Magic Slider: from n/a t…
Medium
CVE-2024-51895
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pankaj9296 Minical Hotel Booking Plugin minical allows Stored XSS.This issue affects Minical Hote…
Medium
CVE-2024-51892
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor Alam Sell Media File with Stripe sell-media-file allows Stored XSS.This issue affects Sell M…
Medium
CVE-2024-51891
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SalesWizard.pl Official SalesWizard CRM Plugin official-saleswizard-crm allows Stored XSS.This is…
Medium
CVE-2024-51890
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in geoWP Geoportail Shortcode geoportail-shortcode allows Stored XSS.This issue affects Geoportail S…
Medium
CVE-2024-51889
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GeroNikolov Fancy User List fancy-user-listing allows Stored XSS.This issue affects Fancy User Li…
Medium
CVE-2024-51887
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ryscript NV Slider nv-slider allows Stored XSS.This issue affects NV Slider: from n/a through <=…
Medium
CVE-2024-51886
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takashi Matsuyama Posts Filter posts-filter allows Stored XSS.This issue affects Posts Filter: fr…
Medium
CVE-2024-51885
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takashi Matsuyama Browsing History browsing-history allows Stored XSS.This issue affects Browsing…
Medium
CVE-2024-51884
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takashi Matsuyama Posts Search posts-search allows Stored XSS.This issue affects Posts Search: fr…
Medium
CVE-2024-51883
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Micha I Plant A Tree i-plant-a-tree allows Stored XSS.This issue affects I Plant A Tree: from n/a…
Medium
CVE-2024-51879
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arash Heidari Text Advertisements text-advertisements allows Stored XSS.This issue affects Text A…
Medium
CVE-2024-51872
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in luzuk Themes Luzuk Testimonials luzuk-testimonials allows Stored XSS.This issue affects Luzuk Tes…
Medium
CVE-2024-51871
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in luzuk Themes Luzuk Team luzuk-team allows Stored XSS.This issue affects Luzuk Team: from n/a thro…
Medium
CVE-2024-51870
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dragwyb Ultimate Flipbox Addon for Elementor ultimate-flipbox-addon-for-elementor allows Stored X…
Medium
CVE-2024-51869
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Best WP Developer Gutenium Blocks gutenium allows Stored XSS.This issue affects Gutenium Blocks:…
Medium
CVE-2024-51868
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tapan Kumer Das DuoGeek Blocks duogeek-blocks allows Stored XSS.This issue affects DuoGeek Blocks…
Medium
CVE-2024-51867
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in geilt Simpul Events by Esotech simpul-events-by-esotech allows Stored XSS.This issue affects Simp…
Medium
CVE-2024-51866
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in riponshah Social button social-button allows Stored XSS.This issue affects Social button: from n/…
Medium
CVE-2024-51865
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in leroysabrina Simple Social Share Block simple-social-share-block allows Stored XSS.This issue aff…
Medium
CVE-2024-51864
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Agnel Waghela Shortcode Collection shortcode-collection allows Stored XSS.This issue affects Shor…
Medium
CVE-2024-51863
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Profit Funnels PF Timer pf-timer allows Stored XSS.This issue affects PF Timer: from n/a through…
Medium
CVE-2024-51862
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Baptiste Wicht Google Visualization Charts google-visualization-charts allows Stored XSS.This iss…
Medium
CVE-2024-51861
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DuoGeek EventPress wp-eventpress allows Stored XSS.This issue affects EventPress: from n/a throug…
Medium
CVE-2024-51860
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DuoGeek Custom Dashboard Widget create-custom-dashboard-widget allows Stored XSS.This issue affec…
Medium
CVE-2024-51859
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bamboo Manchester Bamboo Enquiries bamboo-enquiries allows Stored XSS.This issue affects Bamboo E…
Medium
CVE-2024-51858
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginOps Social Locker social-locker-content allows Stored XSS.This issue affects Social Locker:…
Medium
CVE-2024-51850
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bchristopeit WoW Guild Armory Roster guild-armory-roster allows Stored XSS.This issue affects WoW…
Medium
CVE-2024-51849
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marco Piarulli My Restaurant Menu my-restaurant-menu allows Stored XSS.This issue affects My Rest…
Medium
CVE-2024-51848
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in digitalzoomstudio Parallaxer parallaxer-lite-parallax-effects-on-images allows Stored XSS.This is…
Medium
CVE-2024-51847
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in giovanebribeiro WP PagSeguro Payments wp-pagseguro-payments allows Stored XSS.This issue affects…
Medium
CVE-2024-51846
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Simpson Community Yard Sale community-yard-sale allows Stored XSS.This issue affects Comm…
Medium
CVE-2024-51844
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kiran Patil Location Click Map location-click-map allows Stored XSS.This issue affects Location C…
Medium
CVE-2024-51835
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ajinkyanahar OpenCart Product Display opencart-product-display allows Stored XSS.This issue affec…
Medium
CVE-2024-51834
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in luzuk Themes Luzuk Slider luzuk-slider allows Stored XSS.This issue affects Luzuk Slider: from n/…
Medium
CVE-2024-51833
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nomaniplex Easy Social Sharebar easy-social-sharebar allows Stored XSS.This issue affects Easy So…
Medium
CVE-2024-51832
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in plenigo Plenigo plenigo allows Stored XSS.This issue affects Plenigo: from n/a through <= 1.12.0.
Medium
CVE-2024-51831
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aboutorab Pourhaghani Persian Nested Show/Hide Text persian-nested-showhide-text allows Stored XS…
Medium
CVE-2024-51830
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fazilatunnesa News Ticker newsticker allows Stored XSS.This issue affects News Ticker: from n/a t…
Medium
CVE-2024-51829
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in figoliquinn Mobile Kiosk mobile-kiosk allows Stored XSS.This issue affects Mobile Kiosk: from n/a…
Medium
CVE-2024-51822
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in keonthemes Creative Blocks creative-blocks allows Stored XSS.This issue affects Creative Blocks:…
Medium
CVE-2024-51821
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wordpresteem WE – Client Logo Carousel we-client-logo-carousel allows Stored XSS.This issue affec…
Medium
CVE-2024-51819
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tigrisflexplatform Tigris Flexplatform tigris-flexplatform allows Stored XSS.This issue affects T…
Medium
CVE-2024-51816
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saul Morales Pacheco Banner System banner-system allows Stored XSS.This issue affects Banner Syst…
Medium
CVE-2024-51812
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasim Pro Addons For Elementor pro-addons-for-elementor allows Stored XSS.This issue affects Pro…
Medium
CVE-2024-51811
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hussam Hussien Popup Image popup-image allows Stored XSS.This issue affects Popup Image: from n/a…
Medium
CVE-2024-51810
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in George Lewe Lewe Bootstrap Visuals shortcode-bootstrap-visuals allows Stored XSS.This issue affec…
Medium
CVE-2024-51809
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in intelligentDesign Keymaster Chord Notation Free keymaster-chord-notation-free allows Stored XSS.T…
Medium
CVE-2024-51808
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pat O’Brien codeSnips codesnips allows Stored XSS.This issue affects codeSnips: from n/a through…
Medium
CVE-2024-51807
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Black and White AgendaPress – Easily Publish Meeting Agendas and Programs on WordPress agendapres…
Medium
CVE-2024-51806
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shingo Awesome Fitness Testimonials awesome-fitness-testimonials allows Stored XSS.This issue aff…
Medium
CVE-2024-51805
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in yonisink yPHPlista yphplista allows Stored XSS.This issue affects yPHPlista: from n/a through <=…
Medium
CVE-2024-51794
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sellerthemes Storely storely allows Stored XSS.This issue affects Storely: from n/a through <= 14…
High
CVE-2024-51657
Cross-Site Request Forgery (CSRF) vulnerability in Woopy Plugins SmartLink Dynamic URLs smartlink-dinamic-urls allows Stored XSS.This issue affects SmartLink Dynamic URLs: from n/a through <= 1.1.0.
High
CVE-2024-51656
Cross-Site Request Forgery (CSRF) vulnerability in litefeel Flash Show And Hide Box flash-show-and-hide-box allows Stored XSS.This issue affects Flash Show And Hide Box: from n/a through <= 1.6.
High
CVE-2024-51655
Cross-Site Request Forgery (CSRF) vulnerability in microkid Custom Author URL author-slug allows Stored XSS.This issue affects Custom Author URL: from n/a through <= 2.0.1.
High
CVE-2024-51654
Cross-Site Request Forgery (CSRF) vulnerability in Eric Allen APK Downloader apk-downloader allows Stored XSS.This issue affects APK Downloader: from n/a through <= 1.0.0.
High
CVE-2024-51653
Cross-Site Request Forgery (CSRF) vulnerability in akira1891 UPDATE NOTIFICATIONS update-notifications allows Stored XSS.This issue affects UPDATE NOTIFICATIONS: from n/a through <= 0.3.4.
High
CVE-2024-51652
Cross-Site Request Forgery (CSRF) vulnerability in marckocher Skip To skip-to allows Stored XSS.This issue affects Skip To: from n/a through <= 2.0.0.
High
CVE-2024-51650
Cross-Site Request Forgery (CSRF) vulnerability in scottmydollarplancom Random Featured Post random-featured-post-plugin allows Stored XSS.This issue affects Random Featured Post: from n/a through <=…
High
CVE-2024-51649
Cross-Site Request Forgery (CSRF) vulnerability in Patrick Lumumba Mobilize mobilize allows Stored XSS.This issue affects Mobilize: from n/a through <= 3.0.7.
High
CVE-2024-51645
Cross-Site Request Forgery (CSRF) vulnerability in themefusecom ThemeFuse Maintenance Mode themefuse-maintenance-mode allows Stored XSS.This issue affects ThemeFuse Maintenance Mode: from n/a through…
High
CVE-2024-51644
Cross-Site Request Forgery (CSRF) vulnerability in samwilson Addressbook addressbook allows Stored XSS.This issue affects Addressbook: from n/a through <= 1.1.3.
High
CVE-2024-51643
Cross-Site Request Forgery (CSRF) vulnerability in ragaskar Amazon Associate Filter amazon-associate-filter allows Stored XSS.This issue affects Amazon Associate Filter: from n/a through <= 0.4.
High
CVE-2024-51642
Cross-Site Request Forgery (CSRF) vulnerability in ivan9146 Seo Free seo-free allows Stored XSS.This issue affects Seo Free: from n/a through <= 1.4.
High
CVE-2024-51641
Cross-Site Request Forgery (CSRF) vulnerability in Juan Camilo Advanced PDF Generator advanced-pdf-generator allows Stored XSS.This issue affects Advanced PDF Generator: from n/a through <= 0.4.0.
High
CVE-2024-51640
Cross-Site Request Forgery (CSRF) vulnerability in Matt Rude MDR Webmaster Tools mdr-webmaster-tools allows Stored XSS.This issue affects MDR Webmaster Tools: from n/a through <= 1.1.
High
CVE-2024-51639
Cross-Site Request Forgery (CSRF) vulnerability in Hints Naver Blog naver-blog-api allows Stored XSS.This issue affects Naver Blog: from n/a through <= 1.0.
High
CVE-2024-51638
Cross-Site Request Forgery (CSRF) vulnerability in Sanjeev Mohindra Awesome Shortcodes For Genesis awesome-shortcodes-for-genesis allows Stored XSS.This issue affects Awesome Shortcodes For Genesis:…
High
CVE-2024-51637
Cross-Site Request Forgery (CSRF) vulnerability in sroyalty Admin SMS Alert admin-sms-alert allows Stored XSS.This issue affects Admin SMS Alert: from n/a through <= 1.1.0.
High
CVE-2024-51635
Cross-Site Request Forgery (CSRF) vulnerability in Garmur While Loading while-it-is-loading allows Stored XSS.This issue affects While Loading: from n/a through <= 3.0.
High
CVE-2024-51633
Cross-Site Request Forgery (CSRF) vulnerability in ivycat Simple Page Specific Sidebars page-specific-sidebars allows Stored XSS.This issue affects Simple Page Specific Sidebars: from n/a through <=…
High
CVE-2024-51632
Cross-Site Request Forgery (CSRF) vulnerability in Sam Hoe SH Slideshow sh-slideshow allows Stored XSS.This issue affects SH Slideshow: from n/a through <= 4.3.
Medium
CVE-2024-51617
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Clyp Clyp clyp allows Stored XSS.This issue affects Clyp: from n/a through <= 1.3.
Medium
CVE-2024-50552
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jasonpancake Hover Video Preview hover-video-preview allows Stored XSS.This issue affects Hover V…
Medium
CVE-2024-50551
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Odyno EndomondoWP endomondowp allows Stored XSS.This issue affects EndomondoWP: from n/a through…
Medium
CVE-2024-50541
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in overclokk Advanced Control Manager for WordPress by ItalyStrap advanced-control-manager allows St…
Medium
CVE-2024-50540
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in demixpress (dp) AddThis dp-addthis allows Stored XSS.This issue affects (dp) AddThis: from n/a th…
Medium
CVE-2024-50538
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in irfantea Show Visitor IP Address show-visitor-ip-address allows Stored XSS.This issue affects Sho…
Medium
CVE-2024-50537
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stefano Marra Smart Mockups smart-mockups allows Stored XSS.This issue affects Smart Mockups: fro…
Medium
CVE-2024-50535
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle M Brown Step by Step step-by-step allows Stored XSS.This issue affects Step by Step: from n/…
High
CVE-2024-50534
Cross-Site Request Forgery (CSRF) vulnerability in techdabang World Prayer Time world-prayer-time allows Stored XSS.This issue affects World Prayer Time: from n/a through <= 2.0.