Page(s) : 1 [2] 3 4 5 6 7 8 9 10 11 12 ... | Result(s) : 272245 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
N/A | 2024-04-26 | CVE-2024-33638 | cve | Cross-Site Request Forgery (CSRF) vulnerability in Brijesh Kothari Smart Maintenance Mode.This issue affects Smart Maintenance Mode: from n/a through 1.4.4. |
N/A | 2024-04-26 | CVE-2024-33639 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AccessAlly PopupAlly allows Stored XSS.This issue affects PopupAl... |
N/A | 2024-04-26 | CVE-2024-33642 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EkoJR Advanced Post List allows Stored XSS.This issue affects Adv... |
N/A | 2024-04-26 | CVE-2024-33650 | cve | Cross-Site Request Forgery (CSRF) vulnerability in Cryout Creations Serious Slider.This issue affects Serious Slider: from n/a through 1.2.4. |
N/A | 2024-04-26 | CVE-2024-33651 | cve | Cross-Site Request Forgery (CSRF) vulnerability in Matthew Fries MF Gig Calendar.This issue affects MF Gig Calendar : from n/a through 1.2.1. |
N/A | 2024-04-26 | CVE-2024-3678 | cve | The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.4.2. This makes ... |
N/A | 2024-04-26 | CVE-2024-3890 | cve | The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Calendly widget in all versions up to, and including, 3.10.5 due to insu... |
N/A | 2024-04-26 | CVE-2024-1789 | cve | The WP SMTP plugin for WordPress is vulnerable to SQL Injection via the 'search' parameter in versions 1.2 to 1.2.6 due to insufficient escaping on the user supplied p... |
N/A | 2024-04-26 | CVE-2024-22091 | cve | Mattermost versions 8.1.x |
N/A | 2024-04-26 | CVE-2024-32046 | cve | Mattermost versions 9.6.x |
N/A | 2024-04-26 | CVE-2024-3962 | cve | The Product Addons & Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ppom_upload_file function in ... |
N/A | 2024-04-26 | CVE-2024-4182 | cve | Mattermost versions 9.6.0, 9.5.x before 9.5.3, 9.4.x before 9.4.5, and 8.1.x before 8.1.12 fail to handle JSON parsing errors in custom status values, which allows an authentica... |
N/A | 2024-04-26 | CVE-2024-4183 | cve | Mattermost versions 8.1.x before 8.1.12, 9.6.x before 9.6.1, 9.5.x before 9.5.3, 9.4.x before 9.4.5 fail to limit the number of active sessions, which allows an authenticated at... |
N/A | 2024-04-26 | CVE-2024-4195 | cve | Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully validate role changes, which allows an attacker authenticated as a team admin to promote gue... |
N/A | 2024-04-26 | CVE-2024-4198 | cve | Mattermost versions 9.6.0, 9.5.x before 9.5.3, and 8.1.x before 8.1.12 fail to fully validate role changes which allows an attacker authenticated as team admin to demote users t... |
N/A | 2024-04-26 | CVE-2024-32651 | cve | changedetection.io is an open source web page change detection, website watcher, restock monitor and notification service. There is a Server Side Template Injection (SSTI) in Ji... |
N/A | 2024-04-26 | CVE-2024-32868 | cve | ZITADEL provides users the possibility to use Time-based One-Time-Password (TOTP) and One-Time-Password (OTP) through SMS and Email. While ZITADEL already gives administrators t... |
N/A | 2024-04-26 | CVE-2024-33661 | cve | Portainer before 2.20.0 allows redirects when the target is not index.yaml. |
N/A | 2024-04-26 | CVE-2024-33663 | cve | python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217. |
N/A | 2024-04-26 | CVE-2024-33664 | cve | python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compress... |
Page(s) : 1 [2] 3 4 5 6 7 8 9 10 11 12 ... | Result(s) : 272245 |