CVE List - 2024 / July
Showing 2001 - 2100 of 3117 CVEs for July 2024 (Page 21 of 32)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-38689 | 2024-07-20 | WordPress Simple Popup plugin <= 4.4 - Cross-Site Scripting (XSS) vulnerability |
| CVE-2024-6635 | 2024-07-20 | WooCommerce - Social Login <= 2.7.3 - Unauthenticated Authentication Bypass |
| CVE-2024-6636 | 2024-07-20 | WooCommerce - Social Login <= 2.7.3 - Missing Authorization to Unauthenticated Privilege Escalation |
| CVE-2024-38687 | 2024-07-20 | WordPress Sky Addons for Elementor plugin <= 2.5.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38686 | 2024-07-20 | WordPress FancyPost plugin <= 5.3.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38685 | 2024-07-20 | WordPress WP Announcement plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38684 | 2024-07-20 | WordPress SlingBlocks plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38683 | 2024-07-20 | WordPress WooCommerce Report plugin <= 1.4.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38682 | 2024-07-20 | WordPress Post Layouts for Gutenberg plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38681 | 2024-07-20 | WordPress Magical Addons For Elementor plugin <= 1.1.41 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38680 | 2024-07-20 | WordPress Appmaker plugin <= 1.36.12 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38679 | 2024-07-20 | WordPress Animated Typed JS Shortcode plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38678 | 2024-07-20 | WordPress Calendar.online / Kalender.digital – Plugin plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38677 | 2024-07-20 | WordPress REVIEWS.io plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38676 | 2024-07-20 | WordPress Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.13 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38675 | 2024-07-20 | WordPress Arkhe Blocks plugin 2.22.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38674 | 2024-07-20 | WordPress SKT Addons for Elementor plugin <= 3.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38673 | 2024-07-20 | WordPress Multisite Content Copier/Updater plugin <= 1.5.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38672 | 2024-07-20 | WordPress AdPush plugin <= 1.50 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38671 | 2024-07-20 | WordPress WP GoToWebinar plugin <= 15.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38670 | 2024-07-20 | WordPress Team Members plugin <= 5.3.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38669 | 2024-07-20 | WordPress Predictive Search for WooCommerce plugin <= 6.0.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37961 | 2024-07-20 | WordPress codoc plugin <= 0.9.51.12 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37960 | 2024-07-20 | WordPress CodePen Embedded Pens Shortcode plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37959 | 2024-07-20 | WordPress Power BI Embedded for WordPress plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37958 | 2024-07-20 | WordPress Meks Smart Author Widget plugin <= 1.1.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37957 | 2024-07-20 | WordPress Bradmax Player plugin <= 1.1.27 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37956 | 2024-07-20 | WordPress VK All in One Expansion Unit plugin <= 9.99.1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37955 | 2024-07-20 | WordPress GutSlider – All in One Block Slider plugin <= 2.7.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37954 | 2024-07-20 | WordPress Simple Responsive Slider plugin <= 0.2.2.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37953 | 2024-07-20 | WordPress MBE eShip plugin <= 2.1.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37951 | 2024-07-20 | WordPress Magical Posts Display plugin <= 1.2.38 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37950 | 2024-07-20 | WordPress Master Popups plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37949 | 2024-07-20 | WordPress Responsive Mobile theme <= 1.15.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37948 | 2024-07-20 | WordPress Caxton – Create Pro page layouts in Gutenberg plugin <= 1.30.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37947 | 2024-07-20 | WordPress Tutor LMS plugin <= 2.7.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-6497 | 2024-07-20 | SEO Plugin by Squirrly SEO <= 12.3.19 - Authenticated (Contributor+) SQL Injection via url Parameter |
| CVE-2024-37946 | 2024-07-20 | WordPress ReCaptcha Integration for WordPress plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37944 | 2024-07-20 | WordPress WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin <= 5.9.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37943 | 2024-07-20 | WordPress YITH WooCommerce Ajax Product Filter plugin <= 5.1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37936 | 2024-07-20 | WordPress Tabs For WPBakery Page Builder plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37922 | 2024-07-20 | WordPress Premium Addons for Elementor plugin <= 4.10.34 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37920 | 2024-07-20 | WordPress ARForms Form Builder plugin <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37919 | 2024-07-20 | WordPress Timeline Module for Beaver Builder plugin <= 1.1.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37918 | 2024-07-20 | WordPress ConeBlog plugin <= 1.4.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37565 | 2024-07-20 | WordPress Gum Elementor Addon plugin <= 1.3.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37563 | 2024-07-20 | WordPress TOCHAT.BE plugin <= 1.3.0 - Unauthenticated Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37562 | 2024-07-20 | WordPress Simple Post Notes plugin <= 1.7.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37561 | 2024-07-20 | WordPress Plugin Notes Plus plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-6848 | 2024-07-20 | Post and Page Builder by BoldGrid – Visual Drag and Drop Editor <= 1.26.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via File Upload |
| CVE-2024-6932 | 2024-07-20 | ClassCMS cross site scripting |
| CVE-2024-6933 | 2024-07-21 | LimeSurvey Survey General Settings actionUpdateSurveyLocaleSettingsGeneralSettings sql injection |
| CVE-2024-6934 | 2024-07-21 | formtools.org Form Tools cross site scripting |
| CVE-2024-6935 | 2024-07-21 | formtools.org Form Tools User Settings Page cross site scripting |
| CVE-2024-6936 | 2024-07-21 | formtools.org Form Tools Setting code injection |
| CVE-2024-6937 | 2024-07-21 | formtools.org Form Tools Import Option List edit.php curl_exec file inclusion |
| CVE-2024-6938 | 2024-07-21 | SiYuan PDF PDF.js cross site scripting |
| CVE-2024-6939 | 2024-07-21 | Xinhu RockOA tpl_upload.html okla cross site scripting |
| CVE-2024-6940 | 2024-07-21 | DedeCMS article_template_rand.php code injection |
| CVE-2024-6941 | 2024-07-21 | ThinkSAAS do.php cross site scripting |
| CVE-2024-6942 | 2024-07-21 | ThinkSAAS Admin Panel Security Center anti.php cross site scripting |
| CVE-2024-37559 | 2024-07-21 | WordPress counterpoint theme <= 1.8.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37558 | 2024-07-21 | WordPress WPFavicon plugin <= 2.1.1 - Cross-Site Scripting (XSS) vulnerability |
| CVE-2024-37557 | 2024-07-21 | WordPress WP Cookie Law Info plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37556 | 2024-07-21 | WordPress WordPress Notification Bar plugin <= 1.3.10 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37552 | 2024-07-21 | WordPress Social Media Share Buttons & Social Sharing Icons plugin <= 2.9.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37551 | 2024-07-21 | WordPress Simple Social Share plugin <= 3.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37550 | 2024-07-21 | WordPress Template Kit – Export plugin <= 1.0.22 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-6943 | 2024-07-21 | ZhongBangKeJi CRMEB CopyTaobaoServices.php downloadImage deserialization |
| CVE-2024-37549 | 2024-07-21 | WordPress Save as PDF plugin by Pdfcrowd plugin <= 4.0.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37548 | 2024-07-21 | WordPress Meks Easy Ads Widget plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37545 | 2024-07-21 | WordPress Floating Social Media Links plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37538 | 2024-07-21 | WordPress Link To Bible plugin <= 2.5.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37537 | 2024-07-21 | WordPress WS Contact Form plugin <= 1.3.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37536 | 2024-07-21 | WordPress Easy Custom Code (LESS/CSS/JS) Plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38434 | 2024-07-21 | Unitronics Vision PLC - CWE-676: Use of Potentially Dangerous Function |
| CVE-2024-37523 | 2024-07-21 | WordPress Login Logo Editor plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38435 | 2024-07-21 | Unitronics Vision PLC - CWE-703: Improper Check or Handling of Exceptional Conditions |
| CVE-2024-37522 | 2024-07-21 | WordPress CC & BCC for Woocommerce Order Emails plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37521 | 2024-07-21 | WordPress zBench theme <= 1.4.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38436 | 2024-07-21 | Commugen SOX 365 – CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| CVE-2024-37519 | 2024-07-21 | WordPress Premium Blocks – Gutenberg Blocks for WordPress plugin <= 2.1.27 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37515 | 2024-07-21 | WordPress XPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin] plugin <= 1.6.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37514 | 2024-07-21 | WordPress CopySafe Web Protection plugin <= 3.14 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38437 | 2024-07-21 | D-Link - CWE-288: Authentication Bypass Using an Alternate Path or Channel |
| CVE-2024-37512 | 2024-07-21 | WordPress NEX-Forms – Ultimate Form Builder plugin <= 8.5.10 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37509 | 2024-07-21 | WordPress MakeCommerce for WooCommerce plugin <= 3.5.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-38438 | 2024-07-21 | D-Link - CWE-294: Authentication Bypass by Capture-replay |
| CVE-2024-37507 | 2024-07-21 | WordPress Eventin plugin <= 3.3.57 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37500 | 2024-07-21 | WordPress Beaver Builder plugin <= 2.8.2.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37495 | 2024-07-21 | WordPress Create by Mediavine plugin <= 1.9.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37492 | 2024-07-21 | WordPress Gutenberg plugin <= 18.6.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37489 | 2024-07-21 | WordPress Ocean Extra plugin <= 2.2.9 - Authenticated Cross Site Scripting (XSS) vulnerability |
| CVE-2024-37488 | 2024-07-21 | WordPress HelloAsso plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-6944 | 2024-07-21 | ZhongBangKeJi CRMEB PublicController.php get_image_base64 deserialization |
| CVE-2024-37487 | 2024-07-21 | WordPress WP Directory Kit plugin <= 1.3.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-6945 | 2024-07-21 | Flute CMS Avatar Upload Page ImagesController.php unrestricted upload |
| CVE-2024-6946 | 2024-07-21 | Flute CMS list code injection |
| CVE-2024-6947 | 2024-07-21 | Flute CMS Notification ContentParser.php replaceContent code injection |
| CVE-2024-6948 | 2024-07-21 | Gargaj wuhu Slide Editor slideeditor.php unrestricted upload |