191
|
5.4 |
MEDIUM
Network
|
kirstyburgoine
|
responsive_video
|
The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's video settings function in all versions up to, and including, 1.0 due to insufficient input san…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-7629
|
2024-09-28 02:32 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
192
|
6.1 |
MEDIUM
Network
|
otasync
|
ota_sync_booking_engine_widget
|
The OTA Sync Booking Engine Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.7. This is due to missing or incorrect nonce validation o…
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-7647
|
2024-09-28 02:31 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
193
|
9.8 |
CRITICAL
Network
sjhoo
|
woo_inquiry
|
The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient…
Update
|
CWE-89
SQL Injection
|
CVE-2024-7854
|
2024-09-28 02:27 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
194
|
- |
|
-
|
-
|
A vulnerability was found in TP-LINK TL-WR841ND up to 20240920. It has been rated as critical. Affected by this issue is some unknown functionality of the file /userRpm/popupSiteSurveyRpm.htm. The ma…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2024-9284
|
2024-09-28 02:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
195
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid…
New
|
-
|
CVE-2024-9273
|
2024-09-28 02:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
196
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid…
New
|
-
|
CVE-2024-9268
|
2024-09-28 02:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
197
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid…
New
|
-
|
CVE-2024-9171
|
2024-09-28 02:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
198
|
- |
|
-
|
-
|
Alisonic Sibylla devices are vulnerable to SQL injection attacks, which could allow complete access to the database.
New
|
CWE-89
SQL Injection
|
CVE-2024-8630
|
2024-09-28 02:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
199
|
- |
|
-
|
-
|
OPW Fuel Management Systems SiteSentinel
could allow an attacker to bypass authentication to the server and obtain full admin privileges.
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-8310
|
2024-09-28 02:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
200
|
- |
|
-
|
-
|
OMNTEC Proteus Tank Monitoring OEL8000III Series
could allow an attacker to perform administrative actions without proper authentication.
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-6981
|
2024-09-28 02:15 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|