2024 - Página 78 de 834

16 Dic 2024

CVE-2024-54440

Título es

CVE-2024-54440

Lun, 16/12/2024 – 15:15

Tipo

CWE-352

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-54440

Descripción en

Cross-Site Request Forgery (CSRF) vulnerability in blueskyy WP-Ban-User allows Stored XSS.This issue affects WP-Ban-User: from n/a through 1.0.

16/12/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/wordpress/plugin/wp-ban-user/vulnerability/wordpress-wp-ban-user-plugin-1-0-csrf-to-stored-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

16 Dic 2024

CVE-2024-54439

Título es

CVE-2024-54439

Lun, 16/12/2024 – 15:15

Tipo

CWE-352

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-54439

Descripción en

Cross-Site Request Forgery (CSRF) vulnerability in Alok Tiwari Amazon Product Price allows Stored XSS.This issue affects Amazon Product Price: from n/a through 1.1.

16/12/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/wordpress/plugin/amazon-product-price/vulnerability/wordpress-amazon-product-price-plugin-1-1-csrf-to-stored-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

16 Dic 2024

CVE-2024-54438

Título es

CVE-2024-54438

Lun, 16/12/2024 – 15:15

Tipo

CWE-352

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-54438

Descripción en

Cross-Site Request Forgery (CSRF) vulnerability in GAxx Gaxx Keywords allows Stored XSS.This issue affects Gaxx Keywords: from n/a through 0.2.

16/12/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/wordpress/plugin/gaxx-keywords/vulnerability/wordpress-gaxx-keywords-plugin-0-2-csrf-to-stored-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

16 Dic 2024

CVE-2024-54437

Título es

CVE-2024-54437

Lun, 16/12/2024 – 15:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-54437

Descripción en

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Merrill M. Mayer jCarousel allows Stored XSS.This issue affects jCarousel: from n/a through 1.0.

16/12/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/wordpress/plugin/jcarousel-for-wordpress/vulnerability/wordpress-jcarousel-for-wordpress-plugin-1-0-csrf-to-stored-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

16 Dic 2024

CVE-2024-54436

Título es

CVE-2024-54436

Lun, 16/12/2024 – 15:15

Tipo

CWE-352

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-54436

Descripción en

Cross-Site Request Forgery (CSRF) vulnerability in Jettochkin Jet Footer Code allows Stored XSS.This issue affects Jet Footer Code: from n/a through 1.4.

16/12/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/wordpress/plugin/jet-footer-code/vulnerability/wordpress-jet-footer-code-plugin-1-4-csrf-to-stored-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

16 Dic 2024

CVE-2024-54435

Título es

CVE-2024-54435

Lun, 16/12/2024 – 15:15

Tipo

CWE-352

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-54435

Descripción en

Cross-Site Request Forgery (CSRF) vulnerability in Thomas Hoefter Onlywire Multi Autosubmitter allows Stored XSS.This issue affects Onlywire Multi Autosubmitter: from n/a through 1.2.4.

16/12/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/wordpress/plugin/onlywire-multi-autosubmitter/vulnerability/wordpress-onlywire-multi-autosubmitter-plugin-1-2-4-csrf-to-stored-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

16 Dic 2024

CVE-2024-54434

Título es

CVE-2024-54434

Lun, 16/12/2024 – 15:15

Tipo

CWE-352

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-54434

Descripción en

Cross-Site Request Forgery (CSRF) vulnerability in Phoetry phZoom allows Stored XSS.This issue affects phZoom: from n/a through 1.2.92.

16/12/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/wordpress/plugin/phzoom/vulnerability/wordpress-phzoom-plugin-1-2-92-csrf-to-stored-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

16 Dic 2024

CVE-2024-54433

Título es

CVE-2024-54433

Lun, 16/12/2024 – 15:15

Tipo

CWE-352

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-54433

Descripción en

Cross-Site Request Forgery (CSRF) vulnerability in Simple Booking Simple Booking Widget allows Stored XSS.This issue affects Simple Booking Widget: from n/a through 1.1.

16/12/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/wordpress/plugin/simple-booking-widget/vulnerability/wordpress-simple-booking-widget-plugin-1-1-csrf-to-stored-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

16 Dic 2024

CVE-2024-54442

Título es

CVE-2024-54442

Lun, 16/12/2024 – 15:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-54442

Descripción en

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lluís Cortès Better WP Login Page allows Stored XSS.This issue affects Better WP Login Page: from n/a through 1.1.2.

16/12/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

5.90

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/wordpress/plugin/better-wp-login-page/vulnerability/wordpress-better-wp-login-page-plugin-better-wp-login-page-1-1-2-stored-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

16 Dic 2024

CVE-2024-54441

Título es

CVE-2024-54441

Lun, 16/12/2024 – 15:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-54441

Descripción en

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Meini Utech World Time allows Stored XSS.This issue affects Utech World Time: from n/a through 1.0.

16/12/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

6.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

MEDIUM

Referencias

https://patchstack.com/database/wordpress/plugin/utech-world-time-for-wp/vulnerability/wordpress-utech-world-time-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

Archivos anuales: 2024