| Page(s) : 1 ... 75 76 77 78 79 80 81 82 83 84 [85] 86 87 88 89 90 91 92 93 94 95 ... | Result(s) : 279606 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.2 | 2024-06-04 | CVE-2024-3555 | cve | The Social Link Pages: link-in-bio landing pages for your social media profiles plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on th... |
| N/A | 2024-06-04 | CVE-2024-4057 | cve | The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.37 does not validate and escape some of its block attributes before outputting them back in a page/post w... |
| N/A | 2024-06-04 | CVE-2024-4180 | cve | The Events Calendar WordPress plugin before 6.4.0.1 does not properly sanitize user-submitted content when rendering some views via AJAX. |
| 6.4 | 2024-06-04 | CVE-2024-4273 | cve | The Essential Real Estate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ere_property_map' shortcode in all versions up to, a... |
| 4.3 | 2024-06-04 | CVE-2024-4274 | cve | The Essential Real Estate plugin for WordPress is vulnerable to unauthorized loss of data due to insufficient validation on the remove_property_attachment_ajax() function in all... |
| 4.4 | 2024-06-04 | CVE-2024-4462 | cve | The Nafeza Prayer Time plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2.9 due to insufficient input... |
| 6.4 | 2024-06-04 | CVE-2024-4697 | cve | The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘heading_tag’ parameter in all versions up to, and including, 1.1.1 du... |
| N/A | 2024-06-04 | CVE-2024-4749 | cve | The wp-eMember WordPress plugin before 10.3.9 does not sanitize and escape the "fieldId" parameter before outputting it back in the page, leading to a Reflected Cross-Site Scrip... |
| N/A | 2024-06-04 | CVE-2024-4750 | cve | The buddyboss-platform WordPress plugin before 2.6.0 contains an IDOR vulnerability that allows a user to like a private post by manipulating the ID included in the request |
| N/A | 2024-06-04 | CVE-2024-4856 | cve | The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting... |
| N/A | 2024-06-04 | CVE-2024-4857 | cve | The FS Product Inquiry WordPress plugin through 1.1.1 does not sanitise and escape some form submissions, which could allow unauthenticated users to perform Stored Cross-Site Sc... |
| 5.3 | 2024-06-04 | CVE-2024-4997 | cve | The WPUpper Share Buttons plugin for WordPress is vulnerable to unauthorized access of data when preparing sharing links for posts and pages in all versions up to, and including... |
| N/A | 2024-06-04 | CVE-2023-28494 | cve | Missing Authorization vulnerability in CodePeople Contact Form Email allows Functionality Misuse.This issue affects Contact Form Email: from n/a through 1.3.31. |
| N/A | 2024-06-04 | CVE-2023-33930 | cve | Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Code Injection.This... |
| N/A | 2024-06-04 | CVE-2023-34001 | cve | Improper Restriction of Excessive Authentication Attempts vulnerability in WPPlugins – WordPress Security Plugins Hide My WP Ghost allows Functionality Bypass.This issue affects... |
| N/A | 2024-06-04 | CVE-2023-37865 | cve | Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue af... |
| N/A | 2024-06-04 | CVE-2024-20873 | cve | Improper input validation vulnerability in caminfo driver prior to SMR Jun-2024 Release 1 allows local privileged attackers to write out-of-bounds memory. |
| N/A | 2024-06-04 | CVE-2024-20874 | cve | Improper access control vulnerability in SmartManagerCN prior to SMR Jun-2024 Release 1 allows local attackers to launch privileged activities. |
| N/A | 2024-06-04 | CVE-2024-20875 | cve | Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary files. |
| N/A | 2024-06-04 | CVE-2024-20876 | cve | Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local attackers to lead to memory corruption. |
| Page(s) : 1 ... 75 76 77 78 79 80 81 82 83 84 [85] 86 87 88 89 90 91 92 93 94 95 ... | Result(s) : 279606 |
