Security Vulnerabilities - CVEs Published In March 2024
Cross-Site Request Forgery (CSRF) vulnerability in WPAssist.Me WordPress Countdown Widget allows Cross-Site Scripting (XSS).This issue affects WordPress Countdown Widget: from n/a through 3.1.9.1.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-03-27
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash.This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.6.4.3.
CVSS Score
4.7
EPSS Score
0.04
Published
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DearHive DearFlip allows Stored XSS.This issue affects DearFlip: from n/a through 2.2.26.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftLab Radio Player allows Stored XSS.This issue affects Radio Player: from n/a through 2.0.73.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ReviewX allows Stored XSS.This issue affects ReviewX: from n/a through 1.6.22.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mehanoid.Pro FlatPM allows Stored XSS.This issue affects FlatPM: from n/a before 3.1.05.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Heateor Fancy Comments WordPress allows Stored XSS.This issue affects Fancy Comments WordPress: from n/a through 1.2.14.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShopUp Shipping with Venipak for WooCommerce allows Reflected XSS.This issue affects Shipping with Venipak for WooCommerce: from n/a through 1.19.5.
CVSS Score
7.1
EPSS Score
0.002
Published
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Reservation Diary ReDi Restaurant Reservation allows Reflected XSS.This issue affects ReDi Restaurant Reservation: from n/a through 24.0128.
CVSS Score
7.1
EPSS Score
0.002
Published
2024-03-27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hot Themes Hot Random Image allows Stored XSS.This issue affects Hot Random Image: from n/a through 1.8.1.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-03-27