|
71
|
6.5 |
MEDIUM
Network
|
dwbooster
|
cp_contact_form
|
The CP Contact Form with PayPal plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.52. This is due to missing or incorrect nonce validation on …
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-13758
|
2025-02-1 05:28 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
72
|
5.4 |
MEDIUM
Network
|
cyberchimps
|
responsive_blocks
|
The Responsive Blocks – WordPress Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘section_tag’ parameter in all versions up to, and including, 1.9.9 due to…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-13732
|
2025-02-1 05:22 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
73
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in code-projects Job Recruitment 1.0. It has been classified as problematic. This affects an unknown part of the file /parse/_call_job_search_ajax.php. The manipulation of t…
New
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0934
|
2025-02-1 05:15 |
2025-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
74
|
- |
|
-
|
-
|
The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only mean…
New
|
-
|
CVE-2025-0938
|
2025-02-1 05:15 |
2025-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
75
|
- |
|
-
|
-
|
In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied…
Update
|
-
|
CVE-2025-0662
|
2025-02-1 05:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
76
|
- |
|
-
|
-
|
A floating-point exception (FPE) vulnerability exists in the AP4_TfraAtom::AP4_TfraAtom function in Bento4.
Update
|
-
|
CVE-2024-57513
|
2025-02-1 05:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
77
|
4.3 |
MEDIUM
Network
|
visualmodo
|
borderless
|
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'remove_zi…
Update
|
CWE-862
Missing Authorization
|
CVE-2024-11583
|
2025-02-1 05:03 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
78
|
7.2 |
HIGH
Network
|
visualmodo
|
borderless
|
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.5.9 via the 'wr…
Update
|
CWE-94
Code Injection
|
CVE-2024-11600
|
2025-02-1 05:02 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
79
|
4.3 |
MEDIUM
Network
|
seventhqueen
|
typer_core
|
The Typer Core plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.6 via the 'elementor-template' shortcode due to insufficient restrictions on which …
Update
|
NVD-CWE-noinfo
|
CVE-2024-12102
|
2025-02-1 05:01 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
80
|
6.1 |
MEDIUM
Network
|
wpmessiah
|
ai_image_alt_text_generator_for_wp
|
The Ai Image Alt Text Generator for WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.2 due to insufficient in…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-12177
|
2025-02-1 04:49 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
