181
|
5.4 |
MEDIUM
Network
|
wpmet
|
elementskit_elementor_addons
|
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video widget in all versions up to, and including, 3.2.7 due to insufficient input …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8546
|
2024-10-3 03:56 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
182
|
5.4 |
MEDIUM
Network
|
livemeshelementor
|
addons_for_elementor
|
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘piechart_settings’ parameter in all versions up to, and including, 8.5 due to insufficient …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8858
|
2024-10-3 03:41 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
183
|
5.3 |
MEDIUM
Network
mycred
|
mycred
|
The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification plugin for WordPress…
Update
|
CWE-862
Missing Authorization
|
CVE-2024-8658
|
2024-10-3 03:36 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
184
|
7.8 |
HIGH
Local
|
google
|
android
|
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
Update
|
CWE-862
Missing Authorization
|
CVE-2023-38464
|
2024-10-3 03:35 |
2023-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
185
|
7.5 |
HIGH
Network
stormshield
|
stormshield_network_security
|
ASQ in Stormshield Network Security (SNS) 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP packet.
Update
|
NVD-CWE-noinfo
|
CVE-2023-26095
|
2024-10-3 03:35 |
2023-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
186
|
7.5 |
HIGH
Network
arraynetworks
|
arrayos_ag
|
Array AG OS before 9.4.0.499 allows denial of service: remote attackers can cause system service processes to crash through abnormal HTTP operations.
Update
|
NVD-CWE-noinfo
|
CVE-2023-41121
|
2024-10-3 03:35 |
2023-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
187
|
7.5 |
HIGH
Network
mitel
|
mivoice_connect
|
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper…
Update
|
NVD-CWE-noinfo
|
CVE-2023-39289
|
2024-10-3 03:35 |
2023-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
188
|
7.5 |
HIGH
Network
adguard-dns
|
adguard_dns
|
AdGuard DNS before 2.2 allows remote attackers to cause a denial of service via malformed UDP packets.
Update
|
NVD-CWE-noinfo
|
CVE-2023-41173
|
2024-10-3 03:35 |
2023-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
189
|
7.5 |
HIGH
Network
wpexpertsio
|
change_wp_admin_login
|
The Change WP Admin Login WordPress plugin before 1.1.4 discloses the URL of the hidden login page when accessing a crafted URL, bypassing the protection offered.
Update
|
-
|
CVE-2023-3604
|
2024-10-3 03:35 |
2023-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
190
|
9.8 |
CRITICAL
Network
apache
|
eventmesh
|
CWE-502 Deserialization of Untrusted Data at the rabbitmq-connector plugin module in Apache EventMesh (incubating) V1.7.0\V1.8.0 on windows\linux\mac os e.g. platforms allows attackers to send contro…
Update
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2023-26512
|
2024-10-3 03:35 |
2023-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|