CVE List - 2024 / November
Showing 1101 - 1200 of 4054 CVEs for November 2024 (Page 12 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-51675 | 2024-11-09 | WordPress aThemes Addons for Elementor plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51674 | 2024-11-09 | WordPress Sastra Essential Addons for Elementor plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51673 | 2024-11-09 | WordPress HT Politic plugin <= 2.4.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51670 | 2024-11-09 | WordPress JS Help Desk plugin <= 2.8.7 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51668 | 2024-11-09 | WordPress MyCurator Content Curation plugin <= 3.78 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51664 | 2024-11-09 | WordPress Beds24 Online Booking plugin <= 2.0.25 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51663 | 2024-11-09 | WordPress Bricksable for Bricks Builder plugin <= 1.6.59 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51662 | 2024-11-09 | WordPress Black Widgets For Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51647 | 2024-11-09 | WordPress Featured Posts Scroll plugin <= 1.25 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51630 | 2024-11-09 | WordPress Responsive Flickr Gallery plugin <= 1.3.1 - CSRF to Stored XSS vulnerability |
| CVE-2024-51629 | 2024-11-09 | WordPress Header Footer Composer for Elementor plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51628 | 2024-11-09 | WordPress EzyOnlineBookings Online Booking System Widget plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51627 | 2024-11-09 | WordPress Audio Comparison Lite plugin <= 3.4 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51623 | 2024-11-09 | WordPress WP EIS plugin <= 1.3.3 - SQL Injection vulnerability |
| CVE-2024-51622 | 2024-11-09 | WordPress WP EASY RECIPE plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51618 | 2024-11-09 | WordPress Custom Admin Menu plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51616 | 2024-11-09 | WordPress AwesomePress plugin <= 1.0 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51614 | 2024-11-09 | WordPress Aajoda Testimonials plugin <= 2.2.2 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51613 | 2024-11-09 | WordPress TradeMe widgets plugin <= 1.2 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51612 | 2024-11-09 | WordPress Reftagger Shortcode plugin <= 1.1 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51611 | 2024-11-09 | WordPress WP Feature Box plugin <= 0.1.3 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51610 | 2024-11-09 | WordPress Display Terms Shortcode plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51609 | 2024-11-09 | WordPress Emoji Shortcode plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51608 | 2024-11-09 | WordPress AmaDiscount Plugin plugin <= 1.0 - SQL Injection vulnerability |
| CVE-2024-51606 | 2024-11-09 | WordPress Blrt WP Embed plugin <= 1.6.9 - SQL Injection vulnerability |
| CVE-2024-51605 | 2024-11-09 | WordPress Genoo plugin <= 6.0.10 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51604 | 2024-11-09 | WordPress Media Modal plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51603 | 2024-11-09 | WordPress NMR Strava activities plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51599 | 2024-11-09 | WordPress Simple Business Manager plugin <= 4.6.7.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51598 | 2024-11-09 | WordPress Selar.co Widget plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51597 | 2024-11-09 | WordPress ThemeShark Templates & Widgets for Elementor plugin <= 1.1.7 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51596 | 2024-11-09 | WordPress Business plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51595 | 2024-11-09 | WordPress SKSDEV Toolkit plugin <= 1.0.0 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51594 | 2024-11-09 | WordPress Gmap Point List plugin <= 1.1.2 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51593 | 2024-11-09 | WordPress Курс валют UAH plugin <= 2.0 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51592 | 2024-11-09 | WordPress Meta Store Elements plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51591 | 2024-11-09 | WordPress Slicko plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51590 | 2024-11-09 | WordPress Hoo Addons for Elementor plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51589 | 2024-11-09 | WordPress Bigmart Elements plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51588 | 2024-11-09 | WordPress Super Addons for Elementor plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51587 | 2024-11-09 | WordPress Definitive Addons for Elementor plugin <= 1.5.16 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51586 | 2024-11-09 | WordPress Elementary Addons plugin <= 2.0.4 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51585 | 2024-11-09 | WordPress Sales Page Addon plugin <= 1.4.2 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-42000 | 2024-11-09 | Unauthorized Access to view channels' details |
| CVE-2024-36250 | 2024-11-09 | MFA Code Replay |
| CVE-2024-52032 | 2024-11-09 | Private channel names leaking when Elasticsearch is enabled |
| CVE-2020-10367 | 2024-11-10 | Certain Cypress (and Broadcom) Wireless Combo chips, when a January... |
| CVE-2020-10368 | 2024-11-10 | Certain Cypress (and Broadcom) Wireless Combo chips, when a January... |
| CVE-2020-10369 | 2024-11-10 | Certain Cypress (and Broadcom) Wireless Combo chips, when a January... |
| CVE-2021-35473 | 2024-11-10 | An issue was discovered in LemonLDAP::NG before 2.0.12. There is... |
| CVE-2021-41737 | 2024-11-10 | In Faust 2.23.1, an input file with the lines "//... |
| CVE-2023-40457 | 2024-11-10 | The BGP daemon in Extreme Networks ExtremeXOS (aka EXOS) 30.7.1.1... |
| CVE-2024-46613 | 2024-11-10 | WeeChat before 4.4.2 has an integer overflow and resultant buffer... |
| CVE-2024-46951 | 2024-11-10 | An issue was discovered in psi/zcolor.c in Artifex Ghostscript before... |
| CVE-2024-46952 | 2024-11-10 | An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before... |
| CVE-2024-46953 | 2024-11-10 | An issue was discovered in base/gsdevice.c in Artifex Ghostscript before... |
| CVE-2024-46954 | 2024-11-10 | An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex... |
| CVE-2024-46955 | 2024-11-10 | An issue was discovered in psi/zcolor.c in Artifex Ghostscript before... |
| CVE-2024-46956 | 2024-11-10 | An issue was discovered in psi/zfile.c in Artifex Ghostscript before... |
| CVE-2020-10370 | 2024-11-10 | Certain Cypress (and Broadcom) Wireless Combo chips such as CYW43455,... |
| CVE-2024-11046 | 2024-11-10 | D-Link DI-8003 upgrade_filter.asp upgrade_filter_asp os command injection |
| CVE-2024-11047 | 2024-11-10 | D-Link DI-8003 upgrade_filter.asp upgrade_filter_asp stack-based overflow |
| CVE-2024-11048 | 2024-11-10 | D-Link DI-8003 dbsrv.asp dbsrv_asp stack-based overflow |
| CVE-2024-11049 | 2024-11-10 | ZKTeco ZKBio Time Image File photo direct request |
| CVE-2024-11050 | 2024-11-10 | AMTT Hotel Broadband Operation System language.php cross site scripting |
| CVE-2024-11051 | 2024-11-10 | AMTT Hotel Broadband Operation System online_status.php sql injection |
| CVE-2024-51584 | 2024-11-10 | WordPress Marquee Elementor with Posts plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51583 | 2024-11-10 | WordPress Kento Ads Rotator plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51581 | 2024-11-10 | WordPress Restaurant & Cafe Addon for Elementor plugin <= 1.5.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51580 | 2024-11-10 | WordPress Clever Addons for Elementor plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51578 | 2024-11-10 | WordPress 3D Presentation plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51577 | 2024-11-10 | WordPress bpmn.io plugin <= 1.0 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-11054 | 2024-11-10 | SourceCodester Simple Music Cloud Community System ajax.php unrestricted upload |
| CVE-2024-51576 | 2024-11-10 | WordPress AMP Img Shortcode plugin <= 1.0.1 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-10265 | 2024-11-10 | Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder <= 1.15.30 - Reflected Cross-Site Scripting via add_query_arg Parameter |
| CVE-2024-10958 | 2024-11-10 | WP Photo Album Plus <= 8.8.08.007 - Unauthenticated Arbitrary Shortcode Execution via getshortcodedrenderedfenodelay |
| CVE-2024-11055 | 2024-11-10 | 1000 Projects Beauty Parlour Management System admin-profile.php sql injection |
| CVE-2024-11056 | 2024-11-10 | Tenda AC10 WifiExtraSet FUN_0046AC38 stack-based overflow |
| CVE-2024-11057 | 2024-11-10 | Codezips Hospital Appointment System removeBranchResult.php sql injection |
| CVE-2024-11058 | 2024-11-10 | CodeAstro Real Estate Management System About Us Page aboutedit.php sql injection |
| CVE-2024-11059 | 2024-11-10 | Project Worlds Free Download Online Shopping System success.php sql injection |
| CVE-2024-25253 | 2024-11-11 | Driver Booster v10.6 was discovered to contain a buffer overflow... |
| CVE-2024-25254 | 2024-11-11 | SuperScan v4.1 was discovered to contain a buffer overflow via... |
| CVE-2024-25255 | 2024-11-11 | Sublime Text 4 was discovered to contain a command injection... |
| CVE-2024-36061 | 2024-11-11 | EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection.... |
| CVE-2024-41992 | 2024-11-11 | Wi-Fi Alliance wfa_dut (in Wi-Fi Test Suite) through 9.0.0 allows... |
| CVE-2024-44546 | 2024-11-11 | Powerjob >= 3.20 is vulnerable to SQL injection via the... |
| CVE-2024-46962 | 2024-11-11 | The SYQ com.downloader.video.fast (aka Master Video Downloader) application through 2.0... |
| CVE-2024-46963 | 2024-11-11 | The com.superfast.video.downloader (aka Super Unlimited Video Downloader - All in... |
| CVE-2024-46964 | 2024-11-11 | The com.video.downloader.all (aka All Video Downloader) application through 11.28 for... |
| CVE-2024-46965 | 2024-11-11 | The DS allvideo.downloader.browser (aka Fast Video Downloader: Browser) application through... |
| CVE-2024-46966 | 2024-11-11 | The Ikhgur mn.ikhgur.khotoch (aka Video Downloader Pro & Browser) application... |
| CVE-2024-48322 | 2024-11-11 | UsersController.php in Run.codes 1.5.2 and older has a reset password... |
| CVE-2024-48939 | 2024-11-11 | Insufficient validation performed on the REST API License file in... |
| CVE-2024-50601 | 2024-11-11 | Persistent and reflected XSS vulnerabilities in the themeMode cookie and... |
| CVE-2024-50636 | 2024-11-11 | PyMOL 2.5.0 contains a vulnerability in its "Run Script" function,... |
| CVE-2024-50667 | 2024-11-11 | The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack... |
| CVE-2024-50989 | 2024-11-11 | A SQL injection vulnerability in /omrs/admin/search.php in PHPGurukul Online Marriage... |
| CVE-2024-50990 | 2024-11-11 | A Reflected Cross Site Scriptng (XSS) vulnerability was found in... |
| CVE-2024-50991 | 2024-11-11 | A Cross Site Scripting (XSS) vulnerability was found in /ums-sp/admin/registered-users.php... |