Page(s) : 1 2 3 4 5 [6] 7 8 9 10 11 12 13 14 15 16 ... | Result(s) : 250058 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
N/A | 2024-05-15 | CVE-2023-6324 | cve | ThroughTek Kalay SDK uses a predictable PSK value in the DTLS session when encountering an unexpected PSK identity |
N/A | 2024-05-15 | CVE-2024-2248 | cve | A Header Injection vulnerability in the JFrog platform in versions below 7.85.0 (SaaS) and 7.84.7 (Self-Hosted) may allow threat actors to take over the end user's account ... |
8.8 | 2024-05-15 | CVE-2024-4670 | cve | The All-in-One Video Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.6.5 via the aiovg_search_form shortcode. This mak... |
N/A | 2024-05-15 | CVE-2024-3405 | cve | The WP Prayer WordPress plugin through 2.0.9 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via ... |
N/A | 2024-05-15 | CVE-2024-3406 | cve | The WP Prayer WordPress plugin through 2.0.9 does not have CSRF check in place when updating its email settings, which could allow attackers to make a logged in admin change the... |
N/A | 2024-05-15 | CVE-2024-3407 | cve | The WP Prayer WordPress plugin through 2.0.9 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks |
N/A | 2024-05-15 | CVE-2024-3548 | cve | The WP Shortcodes Plugin — Shortcodes Ultimate WordPress plugin before 7.1.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflect... |
N/A | 2024-05-15 | CVE-2024-3629 | cve | The HL Twitter WordPress plugin through 2014.1.18 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them... |
N/A | 2024-05-15 | CVE-2024-3630 | cve | The HL Twitter WordPress plugin through 2014.1.18 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross... |
N/A | 2024-05-15 | CVE-2024-3631 | cve | The HL Twitter WordPress plugin through 2014.1.18 does not have CSRF check when unlinking twitter accounts, which could allow attackers to make logged in admins perform such act... |
N/A | 2024-05-15 | CVE-2024-3634 | cve | The month name translation benaceur WordPress plugin before 2.3.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perf... |
N/A | 2024-05-15 | CVE-2024-3748 | cve | The SP Project & Document Manager WordPress plugin through 4.71 is missing validation in its upload function, allowing a user to manipulate the `user_id` to make it appear that ... |
N/A | 2024-05-15 | CVE-2024-3749 | cve | The SP Project & Document Manager WordPress plugin through 4.71 lacks proper access controllers and allows a logged in user to view and download files belonging to another user |
N/A | 2024-05-15 | CVE-2024-3822 | cve | The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scrip... |
N/A | 2024-05-15 | CVE-2024-3823 | cve | The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow... |
N/A | 2024-05-15 | CVE-2024-3824 | cve | The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin re... |
6.4 | 2024-05-15 | CVE-2024-4636 | cve | The Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘allow_meme_types’ function in... |
8.8 | 2024-05-15 | CVE-2024-4010 | cve | The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability ch... |
4.3 | 2024-05-15 | CVE-2024-0437 | cve | The Password Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease plugin for WordPress is vulnerable to Sensitive Information Exposure in all version... |
6.4 | 2024-05-15 | CVE-2024-4363 | cve | The Visual Portfolio, Photo Gallery & Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title_tag’ parameter in all versions up to, and includ... |
Page(s) : 1 2 3 4 5 [6] 7 8 9 10 11 12 13 14 15 16 ... | Result(s) : 250058 |