Medium - CVE-2024-11731 - The Master Slider – Responsive Touch Slider...
The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ms_slider shortcode in all versions up to, and including, 3.10.6...
Medium - CVE-2024-12815 - The Point Maker plugin for WordPress is...
The Point Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'point_maker' shortcode in all versions up to, and including, 0.1.6 due to...
High - CVE-2024-13232 - The WordPress Awesome Import & Export Plugin -...
The WordPress Awesome Import & Export Plugin - Import & Export WordPress Data plugin for WordPress is vulnerable arbitrary SQL Execution and privilege escalation due to a missing capability check...
Medium - CVE-2024-13747 - The WooMail - WooCommerce Email Customizer...
The WooMail - WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'template_delete_saved' function in all...
Medium - CVE-2024-13757 - The Master Slider – Responsive Touch Slider...
The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ms_layer shortcode in all versions up to, and including, 3.10.6...
High - CVE-2024-13777 - The ZoomSounds - WordPress Wave Audio Player...
The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 6.91 via deserialization of untrusted...
Medium - CVE-2024-13778 - The Hero Mega Menu - Responsive WordPress Menu...
The Hero Mega Menu - Responsive WordPress Menu Plugin plugin for WordPress is vulnerable to SQL Injection via several functions in all versions up to, and including, 1.16.5 due to insufficient...
Medium - CVE-2024-13779 - The Hero Mega Menu - Responsive WordPress Menu...
The Hero Mega Menu - Responsive WordPress Menu Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'index' parameter in all versions up to, and including,...
Medium - CVE-2024-13780 - The Hero Mega Menu - Responsive WordPress Menu...
The Hero Mega Menu - Responsive WordPress Menu Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the hmenu_delete_menu() function in...
Critical - CVE-2024-13787 - The VEDA - MultiPurpose WordPress Theme theme...
The VEDA - MultiPurpose WordPress Theme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.2 via deserialization of untrusted input in the...