| Page(s) : 1 ... 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 [1457] 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 ... | Result(s) : 328784 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2024-12-18 | CVE-2024-56175 | cve | In Optimizely Configured Commerce before 5.2.2408, malicious payloads can be stored and subsequently executed in users' browsers under specific conditions: XSS from client-... |
| 5.3 | 2024-12-18 | CVE-2024-11295 | cve | The Simple Page Access Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.29 via the WordPress core searc... |
| 9.8 | 2024-12-18 | CVE-2024-12287 | cve | The Biagiotti Membership plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.0.2. This is due to the plugin not properly verifyin... |
| N/A | 2024-12-18 | CVE-2024-1610 | cve | In OPPO Store APP, there's a possible escalation of privilege due to improper input validation. |
| N/A | 2024-12-18 | CVE-2024-39703 | cve | In ThreatQuotient ThreatQ before 5.29.3, authenticated users are able to execute arbitrary commands by sending a crafted request to an API endpoint. |
| N/A | 2024-12-18 | CVE-2024-47397 | cve | Weak authentication issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier. If this vulnerability is exploited, the authen... |
| N/A | 2024-12-18 | CVE-2024-53688 | cve | Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE fir... |
| N/A | 2024-12-18 | CVE-2024-54457 | cve | Inclusion of undocumented features or chicken bits issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier, which may allow... |
| N/A | 2024-12-18 | CVE-2024-11614 | cve | An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor... |
| 4.3 | 2024-12-18 | CVE-2024-12340 | cve | The Animation Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.6 via the 'render' fu... |
| 6.1 | 2024-12-18 | CVE-2024-12454 | cve | The Affiliate Program Suite — SliceWP Affiliates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.23. This is due to mi... |
| 5.4 | 2024-12-18 | CVE-2024-12554 | cve | The Peter’s Custom Anti-Spam plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.3. This is due to missing nonce validatio... |
| 6.4 | 2024-12-18 | CVE-2024-11439 | cve | The ScanCircle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'scancircle' shortcode in all versions up to, and including, 2.9... |
| 6.4 | 2024-12-18 | CVE-2024-11748 | cve | The Taeggie Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'taeggie-feed' shortcode in all versions up to, and including,... |
| 6.4 | 2024-12-18 | CVE-2024-11881 | cve | The Easy Waveform Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'easywaveformplayer' shortcode in all versions up to, ... |
| 6.4 | 2024-12-18 | CVE-2024-12500 | cve | The Philantro – Donations and Donor Management plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes like 'donate' in all ... |
| 6.4 | 2024-12-18 | CVE-2024-12513 | cve | The Contests by Rewards Fuel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'RF_CONTEST' shortcode in all versions up to, and ... |
| 7.8 | 2024-12-18 | CVE-2024-47480 | cve | Dell Inventory Collector Client, versions prior to 12.7.0, contains an Improper Link Resolution Before File Access vulnerability. A low-privilege attacker with local access may ... |
| 6.1 | 2024-12-18 | CVE-2024-11254 | cve | The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the disqus_name parameter in all versions up to, and including... |
| 7.5 | 2024-12-18 | CVE-2024-12025 | cve | The Collapsing Categories plugin for WordPress is vulnerable to SQL Injection via the 'taxonomy' parameter of the /wp-json/collapsing-categories/v1/get REST API in all... |
| Page(s) : 1 ... 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 [1457] 1458 1459 1460 1461 1462 1463 1464 1465 1466 1467 ... | Result(s) : 328784 |
