Vulnerabilities protected by our XSS: Cross Site Scripting firewall rule

15,606,270
Attacks Blocked in Past 24 Hours

Showing 101-120 of 7,093 Vulnerabilities

AchillesTheme-shortcodes <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51878
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
best bootstrap widgets for elementor <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51851
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Alert Me! <= 0.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51825
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Be Shortcodes <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51881
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Bamboo Enquiries <= 1.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51859
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Adventure Bucket List <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51908
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
codeSnips <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51808
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Add Ribbon Shortcode <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51823
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Boombox Shortcode <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51827
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Community Yard Sale <= 1.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51846
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More <= 1.8.3 - Reflected Cross-Site Scripting
6.1
CVE-2024-10876
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AgendaPress – Easily Publish Meeting Agendas and Programs on WordPress <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51807
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Bitcoin Payments <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51826
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Anant Addons for Elementor <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51813
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Smooth Maps <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51901
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Browsing History <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51885
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Awesome Tool Tip <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-52349
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages <= 1.7.6 - Reflected Cross-Site Scripting
6.1
CVE-2024-9226
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Blocks Post Grid <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-51928
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Christian Science Bible Lesson Subjects <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
6.4
CVE-2024-52353
Nov 8, 2024
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
AchillesTheme-shortcodes <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51878 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
best bootstrap widgets for elementor <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51851 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Alert Me! <= 0.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51825 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Be Shortcodes <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51881 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Bamboo Enquiries <= 1.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51859 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Adventure Bucket List <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51908 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
codeSnips <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51808 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Add Ribbon Shortcode <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51823 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Boombox Shortcode <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51827 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Community Yard Sale <= 1.1.11 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51846 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More <= 1.8.3 - Reflected Cross-Site Scripting CVE-2024-10876 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 8, 2024
AgendaPress – Easily Publish Meeting Agendas and Programs on WordPress <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51807 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Bitcoin Payments <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51826 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Anant Addons for Elementor <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51813 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Smooth Maps <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51901 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Browsing History <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51885 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Awesome Tool Tip <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-52349 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Landing Page Cat – Coming Soon Page, Maintenance Page & Squeeze Pages <= 1.7.6 - Reflected Cross-Site Scripting CVE-2024-9226 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N November 8, 2024
Blocks Post Grid <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51928 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024
Christian Science Bible Lesson Subjects <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-52353 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N November 8, 2024

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation