CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10231
https://notcve.org/view.php?id=CVE-2024-10231
Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html https://issues.chromium.org/issues/372269618 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10230
https://notcve.org/view.php?id=CVE-2024-10230
Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html https://issues.chromium.org/issues/371565065 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10229
https://notcve.org/view.php?id=CVE-2024-10229
Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High) • https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html https://issues.chromium.org/issues/371011220 •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49672 – WordPress Google Docs RSVP plugin <= 2.0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-49672
Cross-Site Request Forgery (CSRF) vulnerability in Gifford Cheung, Brian Watanabe, Chongsun Ahn Google Docs RSVP allows Stored XSS.This issue affects Google Docs RSVP: from n/a through 2.0.1. Vulnerabilidad de falsificación de solicitud entre sitios (CSRF) en Google Docs RSVP de Gifford Cheung, Brian Watanabe y Chongsun Ahn permite XSS almacenado. Este problema afecta a Google Docs RSVP: desde n/a hasta 2.0.1. The Google Docs RSVP plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.1. This is due to missing or incorrect nonce validation on a function. • https://patchstack.com/database/vulnerability/google-docs-rsvp-guestlist/wordpress-google-docs-rsvp-plugin-2-0-1-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49606 – WordPress Google Map Locations plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-49606
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dotsquares Google Map Locations allows Reflected XSS.This issue affects Google Map Locations: from n/a through 1.0. The Google Map Locations plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://patchstack.com/database/vulnerability/google-map-locations/wordpress-google-map-locations-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •