691
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Fish and Ships – Most flexible shipping table rate. A WooCommerce shipping rate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without approp…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9237
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
692
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Smart Custom 404 Error Page plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_SERVER['REQUEST_URI'] in all versions up to, and including, 11.4.7 due to insufficient input…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9204
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
693
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Clio Grow plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.0.2.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8802
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
694
|
5.3 |
MEDIUM
Network
-
|
-
|
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up …
|
-
|
CVE-2024-8520
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
695
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's '…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8519
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
696
|
- |
|
-
|
-
|
CUPS cups-browsed before 2.5b1 will send an HTTP POST request to an arbitrary destination and port in response to a single IPP UDP packet requesting a printer to be added, a different vulnerability t…
|
-
|
CVE-2024-47850
|
2024-10-4 14:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
697
|
9.8 |
CRITICAL
Network
zimbra
|
collaboration
|
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute comma…
|
CWE-863
Incorrect Authorization
|
CVE-2024-45519
|
2024-10-4 10:00 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
698
|
- |
|
-
|
-
|
This issue was addressed with improved checks. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. Audio messages in Messages may be able to capture a few seconds of audio before the microphone indi…
|
-
|
CVE-2024-44207
|
2024-10-4 09:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
699
|
- |
|
-
|
-
|
A logic issue was addressed with improved validation. This issue is fixed in iOS 18.0.1 and iPadOS 18.0.1. A user's saved passwords may be read aloud by VoiceOver.
|
-
|
CVE-2024-44204
|
2024-10-4 09:15 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
700
|
9.8 |
CRITICAL
Network
ivanti
|
connect_secure policy_secure
|
A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to …
|
CWE-787
Out-of-bounds Write
|
CVE-2024-21894
|
2024-10-4 07:35 |
2024-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|