| Page(s) : 1 ... 232 233 234 235 236 237 238 239 240 241 [242] 243 244 245 246 247 248 249 250 251 252 ... | Result(s) : 298984 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-05-15 | CVE-2024-7758 | cve | The Stylish Price List WordPress plugin before 7.1.8 does not sanitise and escape some of its settings, which could allow high privilege users of contributor and above to perfo... |
| N/A | 2025-05-15 | CVE-2024-7556 | cve | The Simple Share WordPress plugin through 0.5.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-S... |
| N/A | 2025-05-15 | CVE-2024-6809 | cve | The Simple Video Directory WordPress plugin before 1.4.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to una... |
| N/A | 2025-05-15 | CVE-2024-6798 | cve | The DL Verification WordPress plugin through 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-... |
| N/A | 2025-05-15 | CVE-2024-6711 | cve | The Event Tickets with Ticket Scanner WordPress plugin before 2.3.8 does not sanitise and escape some parameters, which could allow users with a role as low as admin to perform ... |
| N/A | 2025-05-15 | CVE-2024-6667 | cve | The KBucket: Your Curated Content in WordPress plugin before 4.1.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-S... |
| N/A | 2025-05-15 | CVE-2024-6665 | cve | The KBucket: Your Curated Content in WordPress plugin before 4.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to per... |
| N/A | 2025-05-15 | CVE-2024-6584 | cve | The 'wp_ajax_boost_proxy_ig' action allows administrators to make GET requests to arbitrary URLs. |
| N/A | 2025-05-15 | CVE-2024-56006 | cve | Missing Authorization vulnerability in Automattic Jetpack Debug Tools.This issue affects Jetpack Debug Tools: from n/a before 2.0.1. |
| N/A | 2025-05-15 | CVE-2024-52880 | cve | An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version... |
| N/A | 2025-05-15 | CVE-2024-51666 | cve | Missing Authorization vulnerability in Automattic Tours.This issue affects Tours: from n/a through 1.0.0. |
| N/A | 2025-05-15 | CVE-2024-4665 | cve | The EventPrime WordPress plugin before 3.5.0 does not properly validate permissions when updating bookings, allowing users to change/cancel bookings for other users. Additional... |
| N/A | 2025-05-15 | CVE-2024-4091 | cve | The Responsive Gallery Grid WordPress plugin before 2.3.15 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cro... |
| N/A | 2025-05-15 | CVE-2024-4004 | cve | The Advanced Cron Manager WordPress plugin before 2.5.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Store... |
| N/A | 2025-05-15 | CVE-2024-4002 | cve | The Carousel, Slider, Gallery by WP Carousel WordPress plugin before 2.6.9 does not sanitise and escape some of its settings, which could allow high privilege users such as adm... |
| N/A | 2025-05-15 | CVE-2024-3996 | cve | The Smart Post Show WordPress plugin before 2.4.28 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cro... |
| N/A | 2025-05-15 | CVE-2024-3901 | cve | The Genesis Blocks WordPress plugin through 3.1.3 does not properly escape attributes provided to some of its custom blocks, making it possible for users allowed to write posts ... |
| 7.2 | 2025-05-15 | CVE-2024-13914 | cve | The File Manager Advanced Shortcode WordPress plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.4 (file-manager-advanced-short... |
| N/A | 2025-05-15 | CVE-2024-12767 | cve | The buddyboss-platform WordPress plugin before 2.7.60 lacks proper access controls and allows a logged-in user to view comments on private posts |
| N/A | 2025-05-15 | CVE-2024-0970 | cve | This User Activity Tracking and Log WordPress plugin before 4.1.4 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. |
| Page(s) : 1 ... 232 233 234 235 236 237 238 239 240 241 [242] 243 244 245 246 247 248 249 250 251 252 ... | Result(s) : 298984 |
