CVSS: 6.1EPSS: %CPEs: 1EXPL: 0CVE-2024-50519 – Jigoshop – Store Exporter <= 1.5.8 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2024-50519
The Jigoshop – Store Exporter plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.5.8 due to insufficient input sanitization and output escaping. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: %CPEs: 1EXPL: 0CVE-2024-50522 – WeChat Subscribers Lite <= 1.6.6 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2024-50522
The WeChat Subscribers Lite plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.6.6 due to insufficient input sanitization and output escaping. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: %CPEs: 1EXPL: 0CVE-2024-50535 – Step by Step <= 0.4.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2024-50535
The Step by Step plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 0.4.5 due to insufficient input sanitization and output escaping. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-31975
https://notcve.org/view.php?id=CVE-2024-31975
EnGenius ESR580 devices through 1.1.30 allow a remote attacker to conduct stored XSS attacks via the Wi-Fi SSID parameters. ... Los dispositivos EnGenius ESR580 hasta la versión 1.1.30 permiten a un atacante remoto realizar ataques XSS almacenado a través de los parámetros SSID de Wi-Fi. ... EnGenius EWS356-Fit devices through 1.1.30 allow a remote attacker to conduct stored XSS attacks via the Wi-Fi SSID parameters. • https://github.com/actuator/cve/blob/main/Engenius/CVE-2024-31975 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10515 – SEO Plugin by Squirrly SEO <= 12.3.20 - Authenticated (Editor+) Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2024-10515
The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 12.3.20 due to insufficient input sanitization and output escaping. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •