Skip to main content
CVE-2024-37523 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AMP-MODE Login Logo Editor allows Stored XSS.3.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Login Logo Editor
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-6950 MEDIUM This Month

A vulnerability, which was classified as critical, has been found in Prain up to 1.3.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.4%
CVE-2024-6949 MEDIUM This Month

A vulnerability classified as problematic was found in Gargaj wuhu up to 3faad49bfcc3895e9ff76a591d05c8941273d120. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal PHP Wuhu
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-6948 MEDIUM This Month

A vulnerability classified as critical has been found in Gargaj wuhu up to 3faad49bfcc3895e9ff76a591d05c8941273d120. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP File Upload Wuhu
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-6945 MEDIUM This Month

A vulnerability was found in Flute CMS 0.2.2.4-alpha. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP File Upload Flute
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.6%
CVE-2024-6944 MEDIUM This Month

A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization PHP Crmeb
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
3.8%
CVE-2024-6943 MEDIUM This Month

A vulnerability has been found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization PHP Crmeb
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.6%
CVE-2024-6947 MEDIUM This Month

A vulnerability was found in Flute CMS 0.2.2.4-alpha. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection PHP RCE Flute
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.6%
CVE-2024-6946 MEDIUM This Month

A vulnerability was found in Flute CMS 0.2.2.4-alpha. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE Flute
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.6%
CVE-2024-6937 MEDIUM This Month

A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Information Disclosure Form Tools
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.4%
CVE-2024-6936 MEDIUM This Month

A vulnerability, which was classified as problematic, has been found in formtools.org Form Tools 3.1.1.php?page=accounts of the component Setting Handler. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection PHP RCE Form Tools
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.4%
CVE-2024-6935 MEDIUM This Month

A vulnerability classified as problematic was found in formtools.org Form Tools 3.1.1. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Form Tools
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.3%
CVE-2024-6934 MEDIUM This Month

A vulnerability classified as problematic has been found in formtools.org Form Tools 3.1.1. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Form Tools
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.4%
CVE-2024-37447 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PixelYourSite PixelYourSite - Your smart PIXEL (TAG) Manager allows Stored XSS.6.1.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Pixelyoursite
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-37446 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kiboko Labs Chained Quiz allows Stored XSS.3.2.8. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Chained Quiz
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-38784 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for Beaver Builder allows Stored XSS.6.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Beaver Builder Addons
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-37522 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dario Curasì CC & BCC for Woocommerce Order Emails allows Stored XSS.4.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Cc Bcc For Woocommerce Order Emails
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-37558 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nazmul Hossain Nihal WPFavicon allows Stored XSS.1.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wpfavicon
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-37557 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Soham Web Solution WP Cookie Law Info allows Stored XSS.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Wp Cookie Law Info
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-37556 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SeedProd WordPress Notification Bar allows Stored XSS.3.10. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS Wordpress Notification Bar
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-37550 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Envato Template Kit - Export allows Stored XSS.0.22. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Template Kit Export
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-37549 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.0.0. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Save As Pdf
NVD
CVSS 3.1
4.8
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy