| Page(s) : 1 ... 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 [1331] 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 ... | Result(s) : 327989 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.3 | 2025-01-07 | CVE-2024-10866 | cve | The Export Import Menus plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the dsp_export_import_menus() function in all vers... |
| N/A | 2025-01-07 | CVE-2024-11625 | cve | Information Exposure Through an Error Message vulnerability in Progress Software Corporation Sitefinity.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200... |
| N/A | 2025-01-07 | CVE-2024-11626 | cve | Improper Neutralization of Input During CMS Backend (adminstrative section) Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Progress Sitefinity.Th... |
| N/A | 2025-01-07 | CVE-2024-11627 | cve | : Insufficient Session Expiration vulnerability in Progress Sitefinity allows : Session Fixation.This issue affects Sitefinity: from 4.0 through 14.4.8142, from 15.0.8200 throug... |
| 6.1 | 2025-01-07 | CVE-2024-12077 | cve | The Booking Calendar and Booking Calendar Pro plugins for WordPress are vulnerable to Reflected Cross-Site Scripting via the ‘calendar_id’ parameter in all versions up to, and i... |
| 8.8 | 2025-01-07 | CVE-2024-12202 | cve | The Croma Music plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'iron... |
| 6.4 | 2025-01-07 | CVE-2024-12516 | cve | The Coupon Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Coupon Code' parameter in all versions up to, and including, 1.2.1 due to ... |
| N/A | 2025-01-07 | CVE-2024-45070 | cve | in OpenHarmony v4.1.2 and prior versions allow a local attacker cause information leak through out-of-bounds Read. |
| N/A | 2025-01-07 | CVE-2024-47398 | cve | in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the device is unable to boot up through out-of-bounds write. |
| N/A | 2025-01-07 | CVE-2024-54030 | cve | in OpenHarmony v4.1.2 and prior versions allow a local attacker cause DOS through use after free. |
| 7.5 | 2025-01-07 | CVE-2024-12152 | cve | The MIPL WC Multisite Sync plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.5 via the 'mipl_wc_sync_download_log' ac... |
| 6.4 | 2025-01-07 | CVE-2024-12699 | cve | The Service Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.9 due to insufficient input sanitization and output esc... |
| 4.3 | 2025-01-07 | CVE-2024-12719 | cve | The WordPress File Upload plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wfu_ajax_action_read_subfolders' ... |
| 7.8 | 2025-01-07 | CVE-2025-22395 | cve | Dell Update Package Framework, versions prior to 22.01.02, contain(s) a Local Privilege Escalation Vulnerability. A local low privileged attacker could potentially exploit this ... |
| 4.9 | 2025-01-07 | CVE-2024-11437 | cve | The Timeline Designer plugin for WordPress is vulnerable to SQL Injection via the 's' parameter in all versions up to, and including, 1.4 due to insufficient escaping ... |
| 6.4 | 2025-01-07 | CVE-2024-11777 | cve | The Sell Media plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sell_media_search_form_gutenberg' shortcode in all versions up ... |
| 6.4 | 2025-01-07 | CVE-2024-11899 | cve | The Slider Pro Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sliderpro' shortcode in all versions up to, and including,... |
| 6.4 | 2025-01-07 | CVE-2024-11934 | cve | The Formaloo Form Maker & Customer Analytics for WordPress & WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘address’ parameter in all ver... |
| N/A | 2025-01-07 | CVE-2024-12022 | cve | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-52485. Reason: This candidate is a reservation duplicate of CVE-2024-52485. Notes: All CVE u... |
| 6.1 | 2025-01-07 | CVE-2024-12098 | cve | The ARS Affiliate Page Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'utm_keyword' parameter in all versions up to, and including... |
| Page(s) : 1 ... 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 [1331] 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 ... | Result(s) : 327989 |
