noviembre 2024 - Página 71 de 117

9 Nov 2024

CVE-2024-51604

Título es

CVE-2024-51604

Sáb, 09/11/2024 – 15:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51604

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Carlo Andro Mabugay Media Modal allows DOM-Based XSS.This issue affects Media Modal: from n/a through 1.0.2.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/vulnerability/media-modal/wordpress-media-modal-plugin-1-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51603

Título es

CVE-2024-51603

Sáb, 09/11/2024 – 15:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51603

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mircea N. NMR Strava activities allows DOM-Based XSS.This issue affects NMR Strava activities: from n/a through 1.0.6.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/vulnerability/nmr-strava-activities/wordpress-nmr-strava-activities-plugin-1-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51599

Título es

CVE-2024-51599

Sáb, 09/11/2024 – 15:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51599

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Russell Albin Simple Business Manager allows Stored XSS.This issue affects Simple Business Manager: from n/a through 4.6.7.4.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/vulnerability/simple-business-manager/wordpress-simple-business-manager-plugin-4-6-7-4-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51598

Título es

CVE-2024-51598

Sáb, 09/11/2024 – 15:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51598

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kendysond Selar.Co Widget allows DOM-Based XSS.This issue affects Selar.Co Widget: from n/a through 1.2.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/vulnerability/selar-co-widget/wordpress-selar-co-widget-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51597

Título es

CVE-2024-51597

Sáb, 09/11/2024 – 15:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51597

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeShark ThemeShark Templates & Widgets for Elementor allows Stored XSS.This issue affects ThemeShark Templates & Widgets for Elementor: from n/a through 1.1.7.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/vulnerability/themeshark-elementor/wordpress-themeshark-templates-widgets-for-elementor-plugin-1-1-7-stored-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51609

Título es

CVE-2024-51609

Sáb, 09/11/2024 – 15:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51609

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Elsner Technologies Pvt. Ltd. Emoji Shortcode allows Stored XSS.This issue affects Emoji Shortcode: from n/a through 1.0.0.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/vulnerability/emoji-shortcode/wordpress-emoji-shortcode-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51608

Título es

CVE-2024-51608

Sáb, 09/11/2024 – 15:15

Tipo

CWE-89

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51608

Descripción en

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pluginhandy AmaDiscount allows SQL Injection.This issue affects AmaDiscount: from n/a through 1.0.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

8.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/amadiscount/wordpress-amadiscount-plugin-plugin-1-0-sql-injection-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51606

Título es

CVE-2024-51606

Sáb, 09/11/2024 – 15:15

Tipo

CWE-89

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51606

Descripción en

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Blrt Blrt WP Embed allows SQL Injection.This issue affects Blrt WP Embed: from n/a through 1.6.9.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

8.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/blrt-wp-embed/wordpress-blrt-wp-embed-plugin-1-6-9-sql-injection-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51605

Título es

CVE-2024-51605

Sáb, 09/11/2024 – 15:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51605

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Genoo, LLC Genoo allows DOM-Based XSS.This issue affects Genoo: from n/a through 6.0.10.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/vulnerability/genoo/wordpress-genoo-plugin-6-0-10-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51610

Título es

CVE-2024-51610

Sáb, 09/11/2024 – 15:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51610

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SEO Themes Display Terms Shortcode allows Stored XSS.This issue affects Display Terms Shortcode: from n/a through 1.0.4.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/vulnerability/display-terms-shortcode/wordpress-display-terms-shortcode-plugin-1-0-4-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

Archivos mensuales: noviembre 2024