VULNMAP - Security Vulnerabilities

CVE List - 2024 / November

Showing 2701 - 2800 of 4054 CVEs for November 2024 (Page 28 of 41)

CVE ID Date Title
CVE-2024-50540 2024-11-19 WordPress (dp) AddThis plugin <= 1.0.2 - Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-50538 2024-11-19 WordPress Show Visitor IP Address plugin <= 0.2 - Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-50537 2024-11-19 WordPress Smart Mockups plugin <= 1.2.0 - Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-50536 2024-11-19 WordPress GDReseller plugin <= 1.6 - Cross Site Scripting (XSS) vulnerability
CVE-2024-50535 2024-11-19 WordPress Step by Step plugin <= 0.4.5 - Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-50522 2024-11-19 WordPress WeChat Subscribers Lite plugin <= 1.6.6 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2024-50521 2024-11-19 WordPress Alley Elementor Widget plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability
CVE-2024-50520 2024-11-19 WordPress Ancient World Linked Data plugin <= 0.2.1 - Cross Site Scripting (XSS) vulnerability
CVE-2024-50519 2024-11-19 WordPress Jigoshop – Store Exporter plugin <= 1.5.8 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2024-50518 2024-11-19 WordPress Pricer Ninja plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability
CVE-2024-50517 2024-11-19 WordPress ID-SK Toolkit plugin <= 1.7.2 - Cross Site Scripting (XSS) vulnerability
CVE-2024-50516 2024-11-19 WordPress Countdown & Clock plugin <= 2.8.0.9 - Cross Site Scripting (XSS) vulnerability
CVE-2024-50515 2024-11-19 WordPress Ninja Forms – The Contact Form Builder That Grows With You plugin <= 3.8.16 - Cross Site Scripting (XSS) vulnerability
CVE-2024-50514 2024-11-19 WordPress Ninja Forms – The Contact Form Builder That Grows With You plugin <= 3.8.16 - Cross Site Scripting (XSS) vulnerability
CVE-2024-50513 2024-11-19 WordPress Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin <= 4.1.15 - Cross Site Scripting (XSS) vulnerability
CVE-2024-52421 2024-11-19 WordPress WP Popup Window Maker plugin <= 2.0 - CSRF to Stored XSS vulnerability
CVE-2024-51657 2024-11-19 WordPress SmartLink Dynamic URLs plugin <= 1.1.0 - CSRF to Stored XSS vulnerability
CVE-2024-51656 2024-11-19 WordPress Flash Show And Hide Box plugin <= 1.6 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-51655 2024-11-19 WordPress Custom Author URL plugin <= 2.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-51654 2024-11-19 WordPress APK Downloader plugin <= 1.0.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-51653 2024-11-19 WordPress UPDATE NOTIFICATIONS plugin <= 0.3.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-51652 2024-11-19 WordPress Skip To plugin <= 2.0.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-51650 2024-11-19 WordPress Random Featured Post plugin <= 1.1.3 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-51649 2024-11-19 WordPress Mobilize plugin <= 3.0.7 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-51648 2024-11-19 WordPress e-shops plugin 1.0.3 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
CVE-2024-51645 2024-11-19 WordPress ThemeFuse Maintenance Mode plugin <= 1.1.3 - CSRF to Stored XSS vulnerability
CVE-2024-51644 2024-11-19 WordPress Addressbook plugin <= 1.1.3 - CSRF to Stored XSS vulnerability
CVE-2024-51643 2024-11-19 WordPress Amazon Associate Filter plugin <= 0.4 - CSRF to Stored XSS vulnerability
CVE-2024-51642 2024-11-19 WordPress Seo Free plugin <= 1.4 - CSRF to Stored XSS vulnerability
CVE-2024-51641 2024-11-19 WordPress Advanced PDF Generator plugin <= 0.4.0 - CSRF to Stored XSS vulnerability
CVE-2024-51640 2024-11-19 WordPress MDR Webmaster Tools plugin <= 1.1 - CSRF to Stored XSS vulnerability
CVE-2024-51639 2024-11-19 WordPress Naver Blog plugin <= 1.0 - CSRF to Stored XSS vulnerability
CVE-2024-51638 2024-11-19 WordPress Awesome Shortcodes For Genesis plugin 1.1.8 - Cross Site Scripting (XSS) vulnerability
CVE-2024-51637 2024-11-19 WordPress Admin SMS Alert plugin <= 1.1.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-51636 2024-11-19 WordPress Plugin Name: GMO Social Connection plugin <= 1.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-51635 2024-11-19 WordPress While Loading plugin <= 3.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-51634 2024-11-19 WordPress Webriti Custom Login plugin <= 0.3 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
CVE-2024-51633 2024-11-19 WordPress Simple Page Specific Sidebars plugin <= 2.14.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-51632 2024-11-19 WordPress SH Slideshow plugin <= 4.3 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-51631 2024-11-19 WordPress Sticky Social Bar plugin <= 2.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-50534 2024-11-19 WordPress World Prayer Time plugin <= 2.0 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
CVE-2024-50533 2024-11-19 WordPress Domain Sharding plugin <= 1.2.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2024-50532 2024-11-19 WordPress Events Manager Pro – extended plugin <= 0.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
CVE-2024-52420 2024-11-19 WordPress Disable Admin Notices individually plugin <= 1.3.5 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2024-52402 2024-11-19 WordPress Exclusive Content Password Protect plugin <= 1.1.0 - CSRF to Arbitrary File Upload vulnerability
CVE-2024-52401 2024-11-19 WordPress Hacklog DownloadManager plugin <=2.1.4 - CSRF to Arbitrary File Upload vulnerability
CVE-2024-52388 2024-11-19 WordPress Hebrew Date plugin <= 2.1.0 - CSRF to Stored XSS vulnerability
CVE-2024-51686 2024-11-19 WordPress Manage User Columns plugin <= 1.0.5 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2024-43338 2024-11-19 WordPress Crowdsignal Polls & Ratings plugin <= 3.1.2 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2024-50303 2024-11-19 resource,kexec: walk_system_ram_res_rev must retain resource flags
CVE-2024-50304 2024-11-19 ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find()
CVE-2024-53042 2024-11-19 ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow()
CVE-2024-53043 2024-11-19 mctp i2c: handle NULL header address
CVE-2024-53044 2024-11-19 net/sched: sch_api: fix xa_insert() error path in tcf_block_get_ext()
CVE-2024-53045 2024-11-19 ASoC: dapm: fix bounds checker error in dapm_widget_list_create
CVE-2024-53046 2024-11-19 arm64: dts: imx8ulp: correct the flexspi compatible string
CVE-2024-53047 2024-11-19 mptcp: init: protect sched with rcu_read_lock
CVE-2024-53048 2024-11-19 ice: fix crash on probe for DPLL enabled E810 LOM
CVE-2024-53049 2024-11-19 slub/kunit: fix a WARNING due to unwrapped __kmalloc_cache_noprof
CVE-2024-53050 2024-11-19 drm/i915/hdcp: Add encoder check in hdcp2_get_capability
CVE-2024-53051 2024-11-19 drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability
CVE-2024-53052 2024-11-19 io_uring/rw: fix missing NOWAIT check for O_DIRECT start write
CVE-2024-53053 2024-11-19 scsi: ufs: core: Fix another deadlock during RTC update
CVE-2024-53055 2024-11-19 wifi: iwlwifi: mvm: fix 6 GHz scan construction
CVE-2024-53056 2024-11-19 drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy()
CVE-2024-53057 2024-11-19 net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT
CVE-2024-53058 2024-11-19 net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data
CVE-2024-53059 2024-11-19 wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd()
CVE-2022-47424 2024-11-19 WordPress ARMember plugin <= 4.0.5 - Cross Site Request Forgery (CSRF)
CVE-2024-42450 2024-11-19 The Versa Director uses PostgreSQL (Postgres) to store operational and...
CVE-2024-53060 2024-11-19 drm/amdgpu: prevent NULL pointer dereference if ATIF is not supported
CVE-2024-53061 2024-11-19 media: s5p-jpeg: prevent buffer overflows
CVE-2024-53062 2024-11-19 media: mgb4: protect driver against spectre
CVE-2024-53063 2024-11-19 media: dvbdev: prevent the risk of out of memory access
CVE-2024-53064 2024-11-19 idpf: fix idpf_vc_core_init error path
CVE-2024-53065 2024-11-19 mm/slab: fix warning caused by duplicate kmem_cache creation in kmem_buckets_create
CVE-2024-53066 2024-11-19 nfs: Fix KMSAN warning in decode_getfattr_attrs()
CVE-2024-53067 2024-11-19 scsi: ufs: core: Start the RTC update work later
CVE-2024-53068 2024-11-19 firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier()
CVE-2024-53069 2024-11-19 firmware: qcom: scm: fix a NULL-pointer dereference
CVE-2024-53070 2024-11-19 usb: dwc3: fix fault at system suspend if device was already runtime suspended
CVE-2024-53071 2024-11-19 drm/panthor: Be stricter about IO mapping flags
CVE-2024-53072 2024-11-19 platform/x86/amd/pmc: Detect when STB is not available
CVE-2024-53073 2024-11-19 NFSD: Never decrement pending_async_copies on error
CVE-2024-53074 2024-11-19 wifi: iwlwifi: mvm: don't leak a link on AP removal
CVE-2024-53075 2024-11-19 riscv: Prevent a bad reference count on CPU nodes
CVE-2024-53076 2024-11-19 iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table()
CVE-2024-53077 2024-11-19 rpcrdma: Always release the rpcrdma_device's xa_array
CVE-2024-53078 2024-11-19 drm/tegra: Fix NULL vs IS_ERR() check in probe()
CVE-2024-10224 2024-11-19 Qualys discovered that if unsanitized input was used with the...
CVE-2024-11003 2024-11-19 Qualys discovered that needrestart, before version 3.8, passes unsanitized data...
CVE-2024-48990 2024-11-19 Qualys discovered that needrestart, before version 3.8, allows local attackers...
CVE-2024-48991 2024-11-19 Qualys discovered that needrestart, before version 3.8, allows local attackers...
CVE-2024-48992 2024-11-19 Qualys discovered that needrestart, before version 3.8, allows local attackers...
CVE-2024-53079 2024-11-19 mm/thp: fix deferred split unqueue naming and locking
CVE-2024-53080 2024-11-19 drm/panthor: Lock XArray when getting entries for the VM
CVE-2024-53081 2024-11-19 media: ar0521: don't overflow when checking PLL values
CVE-2024-53082 2024-11-19 virtio_net: Add hash_key_length check
CVE-2024-53083 2024-11-19 usb: typec: qcom-pmic: init value of hdr_len/txbuf_len earlier
CVE-2024-53084 2024-11-19 drm/imagination: Break an object reference loop