The following table lists the changes that have been made to the CVE-2024-44903 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Mar. 25, 2025 Action […]
CVE ID : CVE-2024-13123 Published : March 25, 2025, 6:15 a.m. | 1 hour ago Description : The AFI WordPress plugin before 1.100.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example […]
CVE ID : CVE-2024-13122 Published : March 25, 2025, 6:15 a.m. | 1 hour ago Description : The AFI WordPress plugin before 1.100.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example […]
CVE ID : CVE-2024-13118 Published : March 25, 2025, 6:15 a.m. | 1 hour ago Description : The IP Based Login WordPress plugin before 2.4.1 does not have CSRF checks in some places, which could allow attackers to make logged in users delete all logs via a CSRF attack Severity: 0.0 | NA Visit the link […]
CVE ID : CVE-2024-12769 Published : March 25, 2025, 6:15 a.m. | 1 hour ago Description : The Simple Banner WordPress plugin before 3.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for […]
CVE ID : CVE-2024-12682 Published : March 25, 2025, 6:15 a.m. | 1 hour ago Description : The Smart Maintenance Mode WordPress plugin before 1.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed […]
CVE ID : CVE-2024-11503 Published : March 25, 2025, 6:15 a.m. | 1 hour ago Description : The WP Tabs WordPress plugin before 2.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for […]
CVE ID : CVE-2024-12109 Published : March 25, 2025, 6:15 a.m. | 1 hour ago Description : The Product Labels For Woocommerce (Sale Badges) WordPress plugin before 1.5.9 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks Severity: 0.0 | NA Visit the link […]
CVE ID : CVE-2024-11272 Published : March 25, 2025, 6:15 a.m. | 1 hour ago Description : The Contact Form & SMTP Plugin for WordPress by PirateForms WordPress plugin before 2.6.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even […]
CVE ID : CVE-2024-11273 Published : March 25, 2025, 6:15 a.m. | 1 hour ago Description : The Contact Form & SMTP Plugin for WordPress by PirateForms WordPress plugin before 2.6.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even […]
Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN
Company Registration Number: 5334133
Company VAT Number: 855 7246 95
