CVE List - 2024 / December
Showing 101 - 200 of 3433 CVEs for December 2024 (Page 2 of 35)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-53769 | 2024-12-02 | WordPress Custom Post Type to Map Store plugin <= 1.1.0 - CSRF to Stored XSS vulnerability |
| CVE-2024-53765 | 2024-12-02 | WordPress Mins To Read plugin <= 1.2.2 - CSRF to Stored XSS vulnerability |
| CVE-2024-53762 | 2024-12-02 | WordPress FastBook plugin <= 1.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53761 | 2024-12-02 | WordPress WP Revisions Manager plugin <= 1.0.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-53759 | 2024-12-02 | WordPress ArCa Payment Gateway plugin <= 1.3.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53755 | 2024-12-02 | WordPress Third Party Cookie Eraser plugin <= 1.0.2 - CSRF to Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53754 | 2024-12-02 | WordPress Out Of Stock Badge plugin <= 1.3.1 - CSRF to Stored XSS vulnerability |
| CVE-2024-53753 | 2024-12-02 | WordPress CultBooking Hotel Booking Engine plugin <= 2.1 - CSRF to Stored XSS vulnerability |
| CVE-2024-53751 | 2024-12-02 | WordPress Build App Online plugin <= 1.0.22 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-53741 | 2024-12-02 | WordPress Simple Popup plugin <= 4.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53729 | 2024-12-02 | WordPress Blizzard Quotes plugin <= 1.3 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53728 | 2024-12-02 | WordPress Protect Your Content plugin <= 1.0.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53727 | 2024-12-02 | WordPress LinkLaunder SEO plugin <= 0.92.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53726 | 2024-12-02 | WordPress RealtyCandy IDX Broker Extended plugin <= 1.5.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53725 | 2024-12-02 | WordPress Post Hits Counter plugin <= 2.8.23 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53724 | 2024-12-02 | WordPress IceStats plugin <= 1.3 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53723 | 2024-12-02 | WordPress Google Plus Share and +1 Button plugin <= 1.0 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53722 | 2024-12-02 | WordPress Favicon My Blog plugin <= 1.0.2 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53721 | 2024-12-02 | WordPress Advanced Event Manager plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53720 | 2024-12-02 | WordPress WP-ISPConfig 3 plugin <= 1.5.6 - CSRF to Stored XSS vulnerability |
| CVE-2024-53719 | 2024-12-02 | WordPress Zajax – Ajax Navigation plugin <= 0.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53718 | 2024-12-02 | WordPress Multi Feed Reader plugin <= 2.2.4 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53717 | 2024-12-02 | WordPress yPHPlista plugin <= 1.1.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53716 | 2024-12-02 | WordPress wp auto top plugin <= 2.9.3 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53715 | 2024-12-02 | WordPress Simple Travel Map plugin <= 0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53714 | 2024-12-02 | WordPress Continue Shopping From Cart plugin <= 1.3 - CSRF to Stored XSS vulnerability |
| CVE-2024-53713 | 2024-12-02 | WordPress Silverlight Video Player plugin <= 1.0 - CSRF to Stored XSS vulnerability |
| CVE-2024-53712 | 2024-12-02 | WordPress Kevin's plugin <= 2.0.0 - CSRF to Stored XSS vulnerability |
| CVE-2024-53711 | 2024-12-02 | WordPress Hotlink2Watermark plugin <= 0.3.2 - CSRF to Stored XSS vulnerability |
| CVE-2024-53710 | 2024-12-02 | WordPress ITERAS plugin <= 1.7.0 - CSRF to Stored XSS vulnerability |
| CVE-2024-53709 | 2024-12-02 | WordPress Generic Elements plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-53708 | 2024-12-02 | WordPress AI Quiz plugin <= 1.1 - Broken Access Control vulnerability |
| CVE-2024-53707 | 2024-12-02 | WordPress Ahmeti Wp Güzel Sözler plugin <= 4.0 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-52503 | 2024-12-02 | WordPress Tailored Tools plugin <= 1.8.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52502 | 2024-12-02 | WordPress ImbaChat plugin <= 3.1.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52494 | 2024-12-02 | WordPress Dynamic To Top plugin <= 3.5.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52493 | 2024-12-02 | WordPress Meteor Slides plugin <= 1.5.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52492 | 2024-12-02 | WordPress Image horizontal reel scroll slideshow plugin <= 13.4 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52491 | 2024-12-02 | WordPress Sticky Social Icons plugin <= 1.2.1 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52489 | 2024-12-02 | WordPress Add Chat App Button plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52487 | 2024-12-02 | WordPress Ultimate Classified Listings plugin <= 1.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52486 | 2024-12-02 | WordPress Elementor Portfolio Builder plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52484 | 2024-12-02 | WordPress Wc Recently viewed products plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52483 | 2024-12-02 | WordPress LeanPress plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52482 | 2024-12-02 | WordPress Ortto plugin <= 1.0.19 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52479 | 2024-12-02 | WordPress Jobify plugin <= 4.2.3 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-52478 | 2024-12-02 | WordPress Jobify theme <= 4.2.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52477 | 2024-12-02 | WordPress Document & Data Automation plugin <= 1.6.1 - CSRF to Stored XSS vulnerability |
| CVE-2024-52476 | 2024-12-02 | WordPress Fediverse Embeds plugin <= 1.5.3 - Arbitrary File Upload vulnerability |
| CVE-2024-52469 | 2024-12-02 | WordPress WooCommerce Price Alert plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52468 | 2024-12-02 | WordPress LeadBoxer plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52467 | 2024-12-02 | WordPress AI Responsive Gallery Album plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52466 | 2024-12-02 | WordPress Explara Events plugin <= 0.1.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52465 | 2024-12-02 | WordPress LGPD Framework plugin <= 2.0.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52464 | 2024-12-02 | WordPress amr shortcodes plugin <= 1.7 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52463 | 2024-12-02 | WordPress Post By Email plugin <= 1.0.4b - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52462 | 2024-12-02 | WordPress WP e-Commerce Style Email plugin <= 0.6.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52461 | 2024-12-02 | WordPress Infinite Slider plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52460 | 2024-12-02 | WordPress AtaraPay WooCommerce Payment Gateway plugin <= 2.0.13 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52459 | 2024-12-02 | WordPress Chameleoni Jobs plugin <= 2.5.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52458 | 2024-12-02 | WordPress TM Islamic Helper plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52457 | 2024-12-02 | WordPress Youneeq Recommendations plugin <= 3.0.7 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52456 | 2024-12-02 | WordPress Awesome Studio plugin <= 2.4.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52455 | 2024-12-02 | WordPress GoQSmile plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52454 | 2024-12-02 | WordPress GoQMieruca plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52453 | 2024-12-02 | WordPress Library Bookshelves plugin <= 5.8 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-52452 | 2024-12-02 | WordPress Open edX LMS plugin <= 2.6.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-51900 | 2024-12-02 | WordPress What Would Seth Godin Do plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38827 | 2024-12-02 | Spring Security Authorization Bypass for Case Sensitive Comparisons |
| CVE-2024-46908 | 2024-12-02 | WhatsUp Gold GetFilterCriteria SQL Injection Privilege Escalation Vulnerability |
| CVE-2024-46907 | 2024-12-02 | WhatsUp Gold GetFilterCriteria SQL Injection Privilege Escalation Vulnerability |
| CVE-2024-46906 | 2024-12-02 | WhatsUp Gold GetSqlWhereClause SQL Injection Privilege Escalation Vulnerability |
| CVE-2024-46905 | 2024-12-02 | WhatsUp Gold GetOrderByClause SQL Injection Privilege Escalation Vulnerability |
| CVE-2024-46909 | 2024-12-02 | WhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution Vulnerability |
| CVE-2024-8785 | 2024-12-02 | WhatsUp Gold Registry Overwrite Remote Code Execution Vulnerability |
| CVE-2024-10905 | 2024-12-02 | IdentityIQ Improper Access Control VulnerabilityIdentityIQ Improper Access Control Vulnerability |
| CVE-2024-53984 | 2024-12-02 | Nanopb does not release memory on error return when using PB_DECODE_DELIMITED |
| CVE-2024-53981 | 2024-12-02 | python-multipart has a Denial of service (DoS) via deformation `multipart/form-data` boundary |
| CVE-2024-53862 | 2024-12-02 | Argo Workflows Allows Access to Archived Workflows with Fake Token in `client` mode |
| CVE-2024-53259 | 2024-12-02 | quic-go affected by an ICMP Packet Too Large Injection Attack on Linux |
| CVE-2024-52806 | 2024-12-02 | SimpleSAMLphp SAML2 has an XXE in parsing SAML messages |
| CVE-2024-52596 | 2024-12-02 | SimpleSAMLphp xml-common XXE vulnerability |
| CVE-2024-50380 | 2024-12-02 | Authentication Bypass by Spoofing in Snap One OVRC cloud |
| CVE-2024-50381 | 2024-12-02 | Missing Authentication for Critical Function in Snap One OVRC cloud |
| CVE-2024-49763 | 2024-12-02 | PlexRipper allows API leak due to open CORS policy |
| CVE-2024-53992 | 2024-12-02 | unzip-bot Allows Remote Code Execution (RCE) via archive extraction, password prompt, or video upload |
| CVE-2024-53990 | 2024-12-02 | AsyncHttpClient (AHC) library's `CookieStore` replaces explicitly defined `Cookie`s |
| CVE-2024-5890 | 2024-12-02 | HTML Injection in the Assessment plugin |
| CVE-2018-9380 | 2024-12-02 | In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of... |
| CVE-2018-9381 | 2024-12-02 | In gatts_process_read_by_type_req of gatt_sr.c, there is a possible information disclosure... |
| CVE-2024-49581 | 2024-12-02 | Access control issue impacting RV backed objects |
| CVE-2018-9376 | 2024-12-02 | In rpc_msg_handler and related handlers of drivers/misc/mediatek/eccci/port_rpc.c, there is a... |
| CVE-2018-9413 | 2024-12-02 | In handle_notification_response of btif_rc.cc, there is a possible out of... |
| CVE-2024-53989 | 2024-12-02 | Possible XSS vulnerability with certain configurations of rails-html-sanitizer 1.6.0 |
| CVE-2018-9414 | 2024-12-02 | In gattServerSendResponseNative of com_android_bluetooth_gatt.cpp, there is a possible out of... |
| CVE-2024-53988 | 2024-12-02 | Possible XSS vulnerability with certain configurations of rails-html-sanitizer 1.6.0 |
| CVE-2024-53986 | 2024-12-02 | Possible XSS vulnerability with certain configurations of rails-html-sanitizer 1.6.0 |
| CVE-2024-53987 | 2024-12-02 | Possible XSS vulnerability with certain configurations of rails-html-sanitizer 1.6.0 |
| CVE-2024-53985 | 2024-12-02 | Possible XSS vulnerability with certain configurations of rails-html-sanitizer 1.6.0 |
| CVE-2018-9418 | 2024-12-02 | In handle_app_cur_val_response of dtif_rc.cc, there is a possible stack buffer... |