| Page(s) : 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 ... | Result(s) : 101545 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.3 | 2024-06-09 | CVE-2024-5458 | cve | In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALI... |
| 5.9 | 2024-06-09 | CVE-2024-2408 | cve | The openssl_private_decrypt function in PHP, when using PKCS1 padding (OPENSSL_PKCS1_PADDING, which is the default), is vulnerable to the Marvin Attack unless it is used with an... |
| 4.2 | 2024-06-08 | CVE-2024-5770 | cve | The WP Force SSL & HTTPS SSL Redirect plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_save_setting�... |
| 4.3 | 2024-06-08 | CVE-2024-4661 | cve | The WP Reset plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_ajax function in all versions up to, and inclu... |
| 6.3 | 2024-06-08 | CVE-2024-5087 | cve | The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the validate_ajax, deacti... |
| 6.1 | 2024-06-08 | CVE-2024-5613 | cve | The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in the 'quality_customizer_notify_dismiss_action' AJAX action in... |
| 6.1 | 2024-06-08 | CVE-2024-5638 | cve | The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in the 'ti_customizer_notify_dismiss_recommended_plugins' AJAX a... |
| 4.3 | 2024-06-08 | CVE-2024-4468 | cve | The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions hooked into ad... |
| 6.4 | 2024-06-08 | CVE-2024-5663 | cve | The Cards for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Cards widget in all versions up to, and including, 1.1.3 due... |
| 5.3 | 2024-06-07 | CVE-2024-31878 | cve | IBM i 7.2, 7.3, 7.4, and 7.5 Service Tools Server (SST) is vulnerable to SST user enumeration by a remote attacker. This vulnerability can be used by a malicious actor to gathe... |
| 4.8 | 2024-06-07 | CVE-2024-37160 | cve | Formwork is a flat file-based Content Management System (CMS). An attackers (requires administrator privilege) to execute arbitrary web scripts by modifying site options via /pa... |
| 5.4 | 2024-06-07 | CVE-2024-5426 | cve | The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘svg’ parameter in all versions up to, and i... |
| 5.4 | 2024-06-07 | CVE-2024-5645 | cve | The Envo Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘button_css_id’ parameter within the Button widget in all versions up to, and including,... |
| 5.5 | 2024-06-07 | CVE-2024-4610 | cve | Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver allows a local non-privileged user to make improper GPU memory processing op... |
| 5.3 | 2024-06-07 | CVE-2024-5382 | cve | The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a mi... |
| 4.3 | 2024-06-07 | CVE-2024-5438 | cve | The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.7.1 via the &... |
| 6.1 | 2024-06-07 | CVE-2024-5542 | cve | The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Navigatio... |
| 6.4 | 2024-06-07 | CVE-2024-5612 | cve | The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eael_lightbox_open_btn_icon’ parameter within the Lightbox & Mo... |
| 6.4 | 2024-06-07 | CVE-2024-5640 | cve | The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ at... |
| 4.3 | 2024-06-07 | CVE-2023-6491 | cve | The Strong Testimonials plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the wpmtst_save_view_sticky function in al... |
| Page(s) : 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 ... | Result(s) : 101545 |
