| CVE-2019-25215 |
The ARI-Adminer plugin for WordPress is vulnerable to authorization bypass due to a lack of file acc... |
HIGH |
2024-10-16 |
View Details |
| CVE-2023-32188 |
A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and AP... |
|
2024-10-16 |
View Details |
| CVE-2019-25214 |
The ShopWP plugin for WordPress is vulnerable to authorization bypass due to a missing capability ch... |
HIGH |
2024-10-16 |
View Details |
| CVE-2023-22650 |
A vulnerability has been identified in which Rancher does not automatically clean up a user which ha... |
|
2024-10-16 |
View Details |
| CVE-2019-25213 |
The Advanced Access Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Rea... |
CRITICAL |
2024-10-16 |
View Details |
| CVE-2024-9540 |
The Sina Extension for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposur... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2018-25105 |
The File Manager plugin for WordPress is vulnerable to authorization bypass due to a missing capabi... |
CRITICAL |
2024-10-16 |
View Details |
| CVE-2024-9061 |
The The WP Popup Builder – Popup Forms and Marketing Lead Generation plugin for WordPress is vulne... |
HIGH |
2024-10-16 |
View Details |
| CVE-2017-20192 |
The Formidable Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via mu... |
HIGH |
2024-10-16 |
View Details |
| CVE-2024-45715 |
The SolarWinds Platform was susceptible to a Cross-Site Scripting vulnerability when performing an e... |
HIGH |
2024-10-16 |
View Details |
| CVE-2016-15041 |
The MainWP Dashboard – The Private WordPress Manager for Multiple Website Maintenance plugin for W... |
HIGH |
2024-10-16 |
View Details |
| CVE-2024-45714 |
Application is vulnerable to Cross Site Scripting (XSS) an authenticated attacker with users’ perm... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-7994 |
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer O... |
|
2024-10-16 |
View Details |
| CVE-2016-15040 |
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kento_pvc_g... |
|
2024-10-16 |
View Details |
| CVE-2024-45711 |
SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution... |
HIGH |
2024-10-16 |
View Details |
| CVE-2024-7993 |
A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write... |
|
2024-10-16 |
View Details |
| CVE-2012-10018 |
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery in ... |
HIGH |
2024-10-16 |
View Details |
| CVE-2024-45710 |
SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation... |
|
2024-10-16 |
View Details |
| CVE-2024-48918 |
RDS Light is a simplified version of the Reflective Dialogue System (RDS), a self-reflecting AI fram... |
|
2024-10-16 |
View Details |
| CVE-2024-9937 |
The Woo Manage Fraud Orders plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-45693 |
Users logged into the Apache CloudStack's web interface can be tricked to submit malicious CSRF requ... |
|
2024-10-16 |
View Details |
| CVE-2024-48758 |
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the addPro para... |
|
2024-10-16 |
View Details |
| CVE-2024-9888 |
The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scri... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-45462 |
The logout operation in the CloudStack web interface does not expire the user session completely whi... |
|
2024-10-16 |
View Details |
| CVE-2024-48180 |
ClassCMS <=4.8 is vulnerable to file inclusion in the nowView method in/class/cms/cms.php, which can... |
|
2024-10-16 |
View Details |
| CVE-2024-9873 |
The Community by PeepSo – Social Network, Membership, Registration, User Profiles, Premium – Mob... |
|
2024-10-16 |
View Details |
| CVE-2024-45461 |
The CloudStack Quota feature allows cloud administrators to implement a quota or usage limit system ... |
|
2024-10-16 |
View Details |
| CVE-2024-47889 |
Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior... |
|
2024-10-16 |
View Details |
| CVE-2024-10018 |
Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead to t... |
|
2024-10-16 |
View Details |
| CVE-2024-45219 |
Account users in Apache CloudStack by default are allowed to upload and register templates for deplo... |
|
2024-10-16 |
View Details |
| CVE-2024-47888 |
Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to ve... |
|
2024-10-16 |
View Details |
| CVE-2024-9891 |
The Multiline files upload for contact form 7 plugin for WordPress is vulnerable to unauthorized plu... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-45217 |
Insecure Default Initialization of Resource vulnerability in Apache Solr.
New ConfigSets that are c... |
|
2024-10-16 |
View Details |
| CVE-2024-46213 |
REDAXO CMS v2.11.0 was discovered to contain a remote code execution (RCE) vulnerability.... |
|
2024-10-16 |
View Details |
| CVE-2024-9652 |
The Locatoraid Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting vi... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-45216 |
Improper Authentication vulnerability in Apache Solr.
Solr instances using the PKIAuthenticationPlu... |
|
2024-10-16 |
View Details |
| CVE-2024-46212 |
An issue in the component /index.php?page=backup/export of REDAXO CMS v5.17.1 allows attackers to ex... |
|
2024-10-16 |
View Details |
| CVE-2024-9649 |
The WP ULike – The Ultimate Engagement Toolkit for Websites plugin for WordPress is vulnerable to ... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2023-7296 |
The BigBlueButton plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the mode... |
|
2024-10-16 |
View Details |
| CVE-2024-44762 |
A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows attackers... |
|
2024-10-16 |
View Details |
| CVE-2024-9647 |
The Kama SpamBlock plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST v... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2023-7295 |
The Video Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_t... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-47887 |
Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 an... |
|
2024-10-16 |
View Details |
| CVE-2024-9634 |
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Ob... |
CRITICAL |
2024-10-16 |
View Details |
| CVE-2024-8541 |
The Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, ... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2023-22649 |
A vulnerability has been identified which may lead to sensitive data being leaked into Rancher's aud... |
|
2024-10-16 |
View Details |
| CVE-2024-47836 |
Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserializati... |
|
2024-10-16 |
View Details |
| CVE-2024-9521 |
The SEO Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post meta in v... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2021-4452 |
The Google Language Translator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting ... |
HIGH |
2024-10-16 |
View Details |
| CVE-2024-47522 |
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security M... |
|
2024-10-16 |
View Details |