septiembre 2024 - Página 58 de 136

18 Sep 2024

CVE-2024-44003

Título es

CVE-2024-44003

Mié, 18/09/2024 – 00:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-44003

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in spicethemes Spice Starter Sites allows Reflected XSS.This issue affects Spice Starter Sites: from n/a through 1.2.5.

18/09/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/spice-starter-sites/wordpress-spice-starter-sites-plugin-1-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

18 Sep 2024

CVE-2024-44002

Título es

CVE-2024-44002

Mié, 18/09/2024 – 00:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-44002

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Team Showcase allows Reflected XSS.This issue affects Team Showcase: from n/a through 1.22.25.

18/09/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/team/wordpress-team-showcase-plugin-1-22-25-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

18 Sep 2024

CVE-2024-44001

Título es

CVE-2024-44001

Mié, 18/09/2024 – 00:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-44001

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons allows Stored XSS.This issue affects Royal Elementor Addons: from n/a through 1.3.982.

18/09/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/vulnerability/royal-elementor-addons/wordpress-royal-elementor-addons-and-templates-plugin-1-3-982-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

18 Sep 2024

CVE-2024-43999

Título es

CVE-2024-43999

Mié, 18/09/2024 – 00:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-43999

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Saturday Drive Ninja Forms allows Stored XSS.This issue affects Ninja Forms: from n/a through 3.8.11.

18/09/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

5.90

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/vulnerability/ninja-forms/wordpress-ninja-forms-plugin-3-8-11-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

18 Sep 2024

CVE-2024-45451

Título es

CVE-2024-45451

Mar, 17/09/2024 – 23:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-45451

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Roseta allows Stored XSS.This issue affects Roseta: from n/a through 1.3.0.

18/09/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/vulnerability/roseta/wordpress-roseta-theme-1-3-0-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

18 Sep 2024

CVE-2024-45452

Título es

CVE-2024-45452

Mar, 17/09/2024 – 23:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-45452

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Septera septera allows Stored XSS.This issue affects Septera: from n/a through 1.5.1.

18/09/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/vulnerability/septera/wordpress-septera-theme-1-5-1-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

18 Sep 2024

CVE-2024-43971

Título es

CVE-2024-43971

Mié, 18/09/2024 – 00:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-43971

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Sunshine Sunshine Photo Cart allows Reflected XSS.This issue affects Sunshine Photo Cart: from n/a through 3.2.5.

18/09/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/sunshine-photo-cart/wordpress-sunshine-photo-cart-free-client-photo-galleries-for-photographers-plugin-3-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

18 Sep 2024

CVE-2024-43970

Título es

CVE-2024-43970

Mié, 18/09/2024 – 00:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-43970

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SureCart allows Reflected XSS.This issue affects SureCart: from n/a through 2.29.3.

18/09/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/surecart/wordpress-surecart-plugin-2-29-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

18 Sep 2024

CVE-2024-43988

Título es

CVE-2024-43988

Mié, 18/09/2024 – 00:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-43988

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in digitalnature Mystique allows Stored XSS.This issue affects Mystique: from n/a through 2.5.7.

18/09/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/vulnerability/mystique/wordpress-mystique-theme-2-5-7-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

18 Sep 2024

CVE-2024-43987

Título es

CVE-2024-43987

Mié, 18/09/2024 – 00:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-43987

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wayneconnor Sliding Door allows Stored XSS.This issue affects Sliding Door: from n/a through 3.6.

18/09/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/vulnerability/sliding-door/wordpress-sliding-door-theme-3-6-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

Archivos mensuales: septiembre 2024