Medium - CVE-2024-11278 - The GD bbPress Attachments plugin for WordPress...
The GD bbPress Attachments plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and...
NA - CVE-2024-10515 - In the process of testing the SEO Plugin by...
In the process of testing the SEO Plugin by Squirrly SEO WordPress plugin before 12.3.21, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding...
NA - CVE-2024-52614 - Use of hard-coded cryptographic key issue...
Use of hard-coded cryptographic key issue exists in "Kura Sushi Official App Produced by EPARK" for Android versions prior to 3.8.5. If this vulnerability is exploited, a local attacker may obtain...
Medium - CVE-2024-9653 - The Restaurant Menu – Food Ordering System –...
The Restaurant Menu – Food Ordering System – Table Reservation plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'action' parameter in all versions up to, and...
Medium - CVE-2024-10365 - The The Plus Addons for Elementor – Elementor...
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and...
High - CVE-2024-10855 - The Image Optimizer, Resizer and CDN – Sirv...
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to insufficient validation on the...
High - CVE-2024-10899 - The The WooCommerce Product Table Lite plugin...
The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.6. This is due to the software allowing users to...
Medium - CVE-2024-10900 - The ProfileGrid – User Profiles, Groups and...
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pm_remove_file_attachment()...
Medium - CVE-2024-11277 - The 404 Solution plugin for WordPress is...
The 404 Solution plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URLs in all versions up to, and including, 2.35.19 due to insufficient input sanitization and output...
Medium - CVE-2024-8726 - The MailChimp Forms by MailMunch plugin for...
The MailChimp Forms by MailMunch plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to,...