| Page(s) : 1 ... 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 [1313] 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 ... | Result(s) : 327965 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2025-01-08 | CVE-2024-11635 | cve | The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.12 via the 'wfu_ABSPATH' cookie parame... |
| 4.8 | 2025-01-08 | CVE-2024-12045 | cve | The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the maker title value of the Goo... |
| N/A | 2025-01-08 | CVE-2024-13173 | cve | The health module has insufficient restrictions on loading URLs, which may lead to some information leakage. |
| 9.8 | 2025-01-08 | CVE-2024-11350 | cve | The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.1.6. This is due to the plugin not properly v... |
| 7.5 | 2025-01-08 | CVE-2024-11939 | cve | The Cost Calculator Builder PRO plugin for WordPress is vulnerable to blind time-based SQL Injection via the ‘data’ parameter in all versions up to, and including, 3.2.15 due to... |
| 6.4 | 2025-01-08 | CVE-2024-12328 | cve | The MAS Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.7 due to insufficient input sa... |
| 4.3 | 2025-01-08 | CVE-2024-12855 | cve | The AdForest theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions like 'sb_remove_ad' in al... |
| N/A | 2025-01-08 | CVE-2024-13185 | cve | The MinigameCenter module has insufficient restrictions on loading URLs, which may lead to some information leakage. |
| N/A | 2025-01-08 | CVE-2024-13186 | cve | The MinigameCenter module has insufficient restrictions on loading URLs, which may lead to some information leakage. |
| N/A | 2025-01-08 | CVE-2024-45033 | cve | Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user password has been changed... |
| 9.8 | 2025-01-08 | CVE-2024-54676 | cve | Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.1.0 before 8.0.0 Description: Default clustering instructions at https://openmeetings.apa... |
| 7.5 | 2025-01-08 | CVE-2024-9939 | cve | The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.13 via wfu_file_downloader.php. This makes it possible ... |
| 5.3 | 2025-01-08 | CVE-2024-12712 | cve | The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the webhook function in all vers... |
| 8.8 | 2025-01-08 | CVE-2024-12853 | cve | The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in all versions up to, ... |
| 8.8 | 2025-01-08 | CVE-2024-12854 | cve | The Garden Gnome Package plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the functionality that automatically extracts '... |
| 5.5 | 2025-01-08 | CVE-2024-40679 | cve | IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to an information disclosure vulnerability as sensitive information may be included in a log... |
| 9.8 | 2025-01-08 | CVE-2024-50603 | cve | An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to the improper neutralization of special elements used in an OS command, an unauth... |
| N/A | 2025-01-08 | CVE-2024-55355 | cve | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security iss... |
| N/A | 2025-01-08 | CVE-2024-55356 | cve | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security iss... |
| 7.5 | 2025-01-08 | CVE-2024-56434 | cve | UAF vulnerability in the device node access module Impact: Successful exploitation of this vulnerability may cause service exceptions of the device. |
| Page(s) : 1 ... 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 [1313] 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 ... | Result(s) : 327965 |
