| CVE-2024-49245 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ahim... |
|
2024-10-16 |
View Details |
| CVE-2016-15041 |
The MainWP Dashboard – The Private WordPress Manager for Multiple Website Maintenance plugin for W... |
HIGH |
2024-10-16 |
View Details |
| CVE-2024-49242 |
Unrestricted Upload of File with Dangerous Type vulnerability in Shafiq Digital Lottery allows Uploa... |
|
2024-10-16 |
View Details |
| CVE-2024-7994 |
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer O... |
|
2024-10-16 |
View Details |
| CVE-2016-15040 |
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kento_pvc_g... |
|
2024-10-16 |
View Details |
| CVE-2024-49227 |
Deserialization of Untrusted Data vulnerability in Innovaweb Sp. Z o.O. Free Stock Photos Foter allo... |
|
2024-10-16 |
View Details |
| CVE-2024-7993 |
A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write... |
|
2024-10-16 |
View Details |
| CVE-2012-10018 |
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery in ... |
HIGH |
2024-10-16 |
View Details |
| CVE-2024-49226 |
Deserialization of Untrusted Data vulnerability in TAKETIN TAKETIN To WP Membership allows Object In... |
|
2024-10-16 |
View Details |
| CVE-2024-48918 |
RDS Light is a simplified version of the Reflective Dialogue System (RDS), a self-reflecting AI fram... |
|
2024-10-16 |
View Details |
| CVE-2024-9937 |
The Woo Manage Fraud Orders plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-49218 |
Deserialization of Untrusted Data vulnerability in Al Imran Akash Recently allows Object Injection.T... |
|
2024-10-16 |
View Details |
| CVE-2024-48758 |
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the addPro para... |
|
2024-10-16 |
View Details |
| CVE-2024-9888 |
The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scri... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-49216 |
Unrestricted Upload of File with Dangerous Type vulnerability in Joshua Clayton Feed Comments Number... |
|
2024-10-16 |
View Details |
| CVE-2024-48180 |
ClassCMS <=4.8 is vulnerable to file inclusion in the nowView method in/class/cms/cms.php, which can... |
|
2024-10-16 |
View Details |
| CVE-2024-9873 |
The Community by PeepSo – Social Network, Membership, Registration, User Profiles, Premium – Mob... |
|
2024-10-16 |
View Details |
| CVE-2024-48035 |
Unrestricted Upload of File with Dangerous Type vulnerability in Takayuki Imanishi ACF Images Search... |
|
2024-10-16 |
View Details |
| CVE-2024-47889 |
Action Mailer is a framework for designing email service layers. Starting in version 3.0.0 and prior... |
|
2024-10-16 |
View Details |
| CVE-2024-10018 |
Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead to t... |
|
2024-10-16 |
View Details |
| CVE-2024-48034 |
Unrestricted Upload of File with Dangerous Type vulnerability in Fliperrr Team Creates 3D Flipbook, ... |
|
2024-10-16 |
View Details |
| CVE-2024-47888 |
Action Text brings rich text content and editing to Rails. Starting in version 6.0.0 and prior to ve... |
|
2024-10-16 |
View Details |
| CVE-2024-9891 |
The Multiline files upload for contact form 7 plugin for WordPress is vulnerable to unauthorized plu... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-48030 |
Deserialization of Untrusted Data vulnerability in Gabriele Valenti Telecash Ricaricaweb allows Obje... |
|
2024-10-16 |
View Details |
| CVE-2024-46213 |
REDAXO CMS v2.11.0 was discovered to contain a remote code execution (RCE) vulnerability.... |
|
2024-10-16 |
View Details |
| CVE-2024-9652 |
The Locatoraid Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting vi... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-48029 |
: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclus... |
|
2024-10-16 |
View Details |
| CVE-2024-46212 |
An issue in the component /index.php?page=backup/export of REDAXO CMS v5.17.1 allows attackers to ex... |
|
2024-10-16 |
View Details |
| CVE-2024-9649 |
The WP ULike – The Ultimate Engagement Toolkit for Websites plugin for WordPress is vulnerable to ... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-48028 |
Deserialization of Untrusted Data vulnerability in Boyan Raichev IP Loc8 allows Object Injection.Thi... |
|
2024-10-16 |
View Details |
| CVE-2024-44762 |
A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows attackers... |
|
2024-10-16 |
View Details |
| CVE-2024-9647 |
The Kama SpamBlock plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST v... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-48027 |
Unrestricted Upload of File with Dangerous Type vulnerability in xaraartech External featured image ... |
|
2024-10-16 |
View Details |
| CVE-2024-47887 |
Action Pack is a framework for handling and responding to web requests. Starting in version 4.0.0 an... |
|
2024-10-16 |
View Details |
| CVE-2024-9634 |
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Ob... |
CRITICAL |
2024-10-16 |
View Details |
| CVE-2024-48026 |
Deserialization of Untrusted Data vulnerability in Grayson Robbins Disc Golf Manager allows Object I... |
|
2024-10-16 |
View Details |
| CVE-2024-47836 |
Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserializati... |
|
2024-10-16 |
View Details |
| CVE-2024-9521 |
The SEO Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post meta in v... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-47649 |
Unrestricted Upload of File with Dangerous Type vulnerability in THATplugin Iconize.This issue affec... |
|
2024-10-16 |
View Details |
| CVE-2024-47522 |
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security M... |
|
2024-10-16 |
View Details |
| CVE-2024-9305 |
The AppPresser – Mobile App Framework plugin for WordPress is vulnerable to privilege escalation v... |
HIGH |
2024-10-16 |
View Details |
| CVE-2024-47645 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Saji... |
|
2024-10-16 |
View Details |
| CVE-2024-47188 |
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security M... |
|
2024-10-16 |
View Details |
| CVE-2024-9105 |
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in versions up to, and in... |
CRITICAL |
2024-10-16 |
View Details |
| CVE-2024-47637 |
: Relative Path Traversal vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Path Traver... |
|
2024-10-16 |
View Details |
| CVE-2024-47187 |
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security M... |
|
2024-10-16 |
View Details |
| CVE-2024-9104 |
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in all versions up to, an... |
MEDIUM |
2024-10-16 |
View Details |
| CVE-2024-47351 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The ... |
|
2024-10-16 |
View Details |
| CVE-2024-45797 |
LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. Prior to ve... |
|
2024-10-16 |
View Details |
| CVE-2024-8787 |
The Smart Online Order for Clover plugin for WordPress is vulnerable to Reflected Cross-Site Scripti... |
MEDIUM |
2024-10-16 |
View Details |