| CVE-2024-4073 | Kashipara Online Furniture Shopping Ecommerce Website prodList.php cross site scripting | Kashipara | Online Furniture Shopping Ecommerce Website | Low | 3.5 | 2024-04-23 22:31:06 | Deep Dive |
| CVE-2024-4072 | Kashipara Online Furniture Shopping Ecommerce Website search.php cross site scripting | Kashipara | Online Furniture Shopping Ecommerce Website | Low | 3.5 | 2024-04-23 22:31:05 | Deep Dive |
| CVE-2024-4071 | Kashipara Online Furniture Shopping Ecommerce Website prodInfo.php sql injection | Kashipara | Online Furniture Shopping Ecommerce Website | Medium | 6.3 | 2024-04-23 22:00:07 | Deep Dive |
| CVE-2024-4070 | Kashipara Online Furniture Shopping Ecommerce Website prodList.php sql injection | Kashipara | Online Furniture Shopping Ecommerce Website | Medium | 6.3 | 2024-04-23 22:00:06 | Deep Dive |
| CVE-2024-4069 | Kashipara Online Furniture Shopping Ecommerce Website search.php sql injection | Kashipara | Online Furniture Shopping Ecommerce Website | Medium | 6.3 | 2024-04-23 21:31:05 | Deep Dive |
| CVE-2024-2311 | Avada <= 7.11.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | ThemeFusion | Avada | Website Builder For WordPress & WooCommerce | Medium | 6.4 | 2024-04-09 18:59:36 | Deep Dive |
| CVE-2024-2344 | Avada <= 7.11.6 - Authenticated (Admin+) SQL Injection via entry | ThemeFusion | Avada | Website Builder For WordPress & WooCommerce | High | 7.2 | 2024-04-09 18:59:22 | Deep Dive |
| CVE-2024-2117 | Elementor Website Builder – More than Just a Page Builder <= 3.20.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Path Widget | elemntor | Elementor Website Builder – more than just a page builder | Medium | 6.4 | 2024-04-09 18:59:21 | Deep Dive |
| CVE-2024-2504 | Page Builder: Pagelayer – Drag and Drop website builder <= 1.8.4 - Authenticated(Contributor+) Stored Cross-Site Scripting via custom attributes | softaculous | Page Builder: Pagelayer – Drag and Drop website builder | Medium | 6.4 | 2024-04-09 18:59:21 | Deep Dive |
| CVE-2024-2340 | Avada <= 7.11.6 - Unauthenticated Sensitive Information Exposure via Form Uploads Directory Listing | ThemeFusion | Avada | Website Builder For WordPress & WooCommerce | Medium | 5.3 | 2024-04-09 18:59:07 | Deep Dive |
| CVE-2024-2343 | Avada <= 7.11.6 - Authenticated (Contributor+) Server-Side Request Forgery via form_to_url_action | ThemeFusion | Avada | Website Builder For WordPress & WooCommerce | Medium | 6.4 | 2024-04-09 18:59:04 | Deep Dive |
| CVE-2024-3042 | SourceCodester Simple Subscription Website manage_user.php sql injection | SourceCodester | Simple Subscription Website | Medium | 6.3 | 2024-03-28 15:00:07 | Deep Dive |
| CVE-2024-3015 | SourceCodester Simple Subscription Website manage_plan.php sql injection | SourceCodester | Simple Subscription Website | Medium | 6.3 | 2024-03-28 01:31:04 | Deep Dive |
| CVE-2024-3014 | SourceCodester Simple Subscription Website Actions.php sql injection | SourceCodester | Simple Subscription Website | Medium | 6.3 | 2024-03-28 01:00:04 | Deep Dive |
| CVE-2024-1521 | Elementor Website Builder Pro <= 3.20.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Form Widget SVGZ File Upload | https://elementor.com/ | Elementor Website Builder Pro | Medium | 6.4 | 2024-03-27 06:40:51 | Deep Dive |
| CVE-2024-2120 | Elementor Website Builder Pro <= 3.20.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Navigation | https://elementor.com/ | Elementor Website Builder Pro | Medium | 5.4 | 2024-03-27 06:40:50 | Deep Dive |
| CVE-2024-2121 | Elementor Website Builder Pro <= 3.20.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | https://elementor.com/ | Elementor Website Builder Pro | Medium | 5.4 | 2024-03-27 06:40:50 | Deep Dive |
| CVE-2024-2781 | Elementor Website Builder Pro <= 3.20.1 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via video_html_tag | https://elementor.com/ | Elementor Website Builder Pro | Medium | 6.4 | 2024-03-27 06:40:49 | Deep Dive |
| CVE-2024-1364 | Elementor Website Builder Pro <= 3.20.1 - Authententicated (Contributor+) Stored Cross-Site Scripting | https://elementor.com/ | Elementor Website Builder Pro | Medium | 6.4 | 2024-03-27 06:40:47 | Deep Dive |
| CVE-2023-48777 | WordPress Elementor plugin 3.3.0-3.18.1 - Arbitrary File Upload vulnerability | Elementor.com | Elementor Website Builder | Critical | 9.9 | 2024-03-26 20:49:39 | Deep Dive |