| Page(s) : 1 ... 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 [1583] 1584 1585 1586 1587 1588 1589 1590 1591 1592 1593 ... | Result(s) : 329517 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.4 | 2024-12-06 | CVE-2024-11450 | cve | The ONLYOFFICE Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'onlyoffice' shortcode in all versions up to, and including... |
| 6.1 | 2024-12-06 | CVE-2024-11687 | cve | The Next-Cart Store to WooCommerce Migration plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and i... |
| 6.1 | 2024-12-06 | CVE-2024-11823 | cve | The Folder Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'foldergallery' shortcode in all versions up to, and includi... |
| 6.1 | 2024-12-06 | CVE-2024-12003 | cve | The WP System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation ... |
| 4.3 | 2024-12-06 | CVE-2024-12027 | cve | The Message Filter for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateFilter() and deleteF... |
| 5.3 | 2024-12-06 | CVE-2024-12028 | cve | The Friends plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several REST API endpoints in all versions up to, and including, 3.2.1... |
| 6.1 | 2024-12-06 | CVE-2024-12060 | cve | The WP Media Optimizer (.webp) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘wpmowebp-css-resources’ and 'wpmowebp-js-resources' parame... |
| 4.3 | 2024-12-06 | CVE-2024-12110 | cve | The Gold Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the activate() and deactivate() functi... |
| 9.8 | 2024-12-06 | CVE-2024-12155 | cve | The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the settin... |
| 4.3 | 2024-12-06 | CVE-2024-9705 | cve | The Ultimate Coming Soon & Maintenance plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ucsm_update_templat... |
| N/A | 2024-12-06 | CVE-2024-9706 | cve | The Ultimate Coming Soon & Maintenance plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ucsm_activate_lite_templa... |
| 5.4 | 2024-12-06 | CVE-2024-9866 | cve | The Event Tickets with Ticket Scanner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data' parameters in all versions up to, and including,... |
| 5.4 | 2024-12-06 | CVE-2024-9872 | cve | The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ... |
| 6.3 | 2024-12-06 | CVE-2024-10681 | cve | The The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to arbitrary shortcode execution in all v... |
| 6.3 | 2024-12-06 | CVE-2024-10909 | cve | The The Pojo Forms plugin for WordPress is vulnerable to arbitrary shortcode execution via form_preview_shortcode AJAX action in all versions up to, and including, 1.4.7. This i... |
| 8.1 | 2024-12-06 | CVE-2024-11289 | cve | The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.5.9 via several functions like penci_archive_more_post_ajax_func, p... |
| 7.5 | 2024-12-06 | CVE-2024-11460 | cve | The Verowa Connect plugin for WordPress is vulnerable to SQL Injection via the 'search_string' parameter in all versions up to, and including, 3.0.1 due to insufficien... |
| 7.5 | 2024-12-06 | CVE-2024-11728 | cve | The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the 'visit_type[service_id]' parameter of the tax_calcu... |
| 7.8 | 2024-12-06 | CVE-2024-53141 | cve | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb... |
| 7.8 | 2024-12-06 | CVE-2024-53142 | cve | In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-ap... |
| Page(s) : 1 ... 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 [1583] 1584 1585 1586 1587 1588 1589 1590 1591 1592 1593 ... | Result(s) : 329517 |
