noviembre 2024 - AlterPlex

30 Nov 2024

CVE-2024-53772

Título es

CVE-2024-53772

Sáb, 30/11/2024 – 22:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-53772

Descripción en

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Mail Picker allows DOM-Based XSS.This issue affects Mail Picker: from n/a through 1.0.14.

30/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/wordpress/plugin/mail-picker/vulnerability/wordpress-mail-picker-plugin-1-0-14-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

30 Nov 2024

CVE-2024-53771

Título es

CVE-2024-53771

Sáb, 30/11/2024 – 22:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-53771

Descripción en

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sergio Micó SimpleSchema allows DOM-Based XSS.This issue affects SimpleSchema: from n/a through 1.7.6.9.

30/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/wordpress/plugin/simpleschema-free/vulnerability/wordpress-simpleschema-plugin-1-7-6-9-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

30 Nov 2024

CVE-2024-53767

Título es

CVE-2024-53767

Sáb, 30/11/2024 – 22:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-53767

Descripción en

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixobe Pixobe Cartography allows DOM-Based XSS.This issue affects Pixobe Cartography: from n/a through 1.0.1.

30/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/wordpress/plugin/pixobe-cartography/vulnerability/wordpress-pixobe-cartography-plugin-1-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

30 Nov 2024

CVE-2024-53766

Título es

CVE-2024-53766

Sáb, 30/11/2024 – 22:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-53766

Descripción en

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Devnex Devnex Addons For Elementor allows DOM-Based XSS.This issue affects Devnex Addons For Elementor: from n/a through 1.0.8.

30/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/wordpress/plugin/devnex-addons-for-elementor/vulnerability/wordpress-devnex-addons-for-elementor-plugin-1-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

30 Nov 2024

CVE-2024-53764

Título es

CVE-2024-53764

Sáb, 30/11/2024 – 22:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-53764

Descripción en

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftHopper Softtemplates For Elementor allows DOM-Based XSS.This issue affects Softtemplates For Elementor: from n/a through 1.0.8.

30/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/wordpress/plugin/softtemplates-for-elementor/vulnerability/wordpress-softtemplates-for-elementor-plugin-1-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

30 Nov 2024

CVE-2024-53763

Título es

CVE-2024-53763

Sáb, 30/11/2024 – 22:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-53763

Descripción en

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rejuan Ahamed Best Addons for Elementor allows Stored XSS.This issue affects Best Addons for Elementor: from n/a through 1.0.5.

30/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/wordpress/plugin/best-addons-for-elementor/vulnerability/wordpress-best-addons-for-elementor-plugin-1-0-5-stored-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

30 Nov 2024

CVE-2024-53786

Título es

CVE-2024-53786

Sáb, 30/11/2024 – 22:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-53786

Descripción en

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeless Cowidgets – Elementor Addons allows Stored XSS.This issue affects Cowidgets – Elementor Addons: from n/a through 1.2.0.

30/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/wordpress/plugin/cowidgets-elementor-addons/vulnerability/wordpress-cowidgets-elementor-addons-plugin-1-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

30 Nov 2024

CVE-2024-53778

Título es

CVE-2024-53778

Sáb, 30/11/2024 – 22:15

Tipo

CWE-352

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-53778

Descripción en

Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs allows Stored XSS.This issue affects Essential Breadcrumbs: from n/a through 1.1.1.

30/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/wordpress/plugin/essential-breadcrumbs/vulnerability/wordpress-essential-breadcrumbs-plugin-1-1-1-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

30 Nov 2024

CVE-2024-53774

Título es

CVE-2024-53774

Sáb, 30/11/2024 – 22:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-53774

Descripción en

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sparkle WP Sparkle Elementor Kit allows DOM-Based XSS.This issue affects Sparkle Elementor Kit: from n/a through 2.0.9.

30/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/wordpress/plugin/sparkle-elementor-kit/vulnerability/wordpress-sparkle-elementor-kit-plugin-2-0-9-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

30 Nov 2024

CVE-2024-53773

Título es

CVE-2024-53773

Sáb, 30/11/2024 – 22:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-53773

Descripción en

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Praca.Pl sp. Z o.O. Znajdź Pracę z Praca.Pl allows DOM-Based XSS.This issue affects Znajdź Pracę z Praca.Pl: from n/a through 2.2.3.

30/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/wordpress/plugin/znajdz-prace-z-pracapl/vulnerability/wordpress-znajdz-prace-z-praca-pl-plugin-2-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

Archivos mensuales: noviembre 2024