2011
|
7.8 |
HIGH
Local
|
microsoft
|
edge_chromium
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
CWE-843
Type Confusion
|
CVE-2024-38209
|
2024-09-20 07:15 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2012
|
6.1 |
MEDIUM
Network
|
microsoft
|
edge
|
Microsoft Edge for Android Spoofing Vulnerability
|
CWE-79
Cross-site Scripting
|
CVE-2024-38208
|
2024-09-20 07:15 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2013
|
5.4 |
MEDIUM
Network
|
averta
|
auxinportfolio
|
The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'aux_recent_portfolios_grid' shortcode in all versions up to, and inc…
|
CWE-79
Cross-site Scripting
|
CVE-2024-1384
|
2024-09-20 07:13 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2014
|
5.4 |
MEDIUM
Network
|
wpbeaveraddons
|
powerpack_lite_for_beaver_builder
|
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘type’ parameter in all versions up to, and including, 2.8.3.5 due to insufficien…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7895
|
2024-09-20 07:13 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2015
|
7.5 |
HIGH
Network
squirrly
|
wp_seo_plugin
|
The Premium SEO Pack – WP SEO Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.001. This makes it possible for unauthenticated att…
|
NVD-CWE-noinfo
|
CVE-2024-3679
|
2024-09-20 07:10 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2016
|
5.4 |
MEDIUM
Network
|
funnelkit
|
funnel_builder
|
The FunnelKit Funnel Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'allow_iframe_tag_in_post' function which uses the 'wp_kses_allowed_html' filter to globally…
|
CWE-79
Cross-site Scripting
|
CVE-2024-1056
|
2024-09-20 07:06 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2017
|
9.8 |
CRITICAL
Network
geeeeeeeek
|
dingfanzu
|
A vulnerability was found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. It has been rated as critical. Affected by this issue is some unknown functionality of the file /ajax/chpwd.…
|
CWE-89
SQL Injection
|
CVE-2024-8302
|
2024-09-20 06:55 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2018
|
9.8 |
CRITICAL
Network
stylemixthemes
|
cost_calculator_builder
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Cost Calculator Builder allows SQL Injection.This issue affects Cost Calculator Bu…
|
CWE-89
SQL Injection
|
CVE-2024-43144
|
2024-09-20 06:47 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2019
|
9.8 |
CRITICAL
Network
templateinvaders
|
ti_woocommerce_wishlist
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TemplateInvaders TI WooCommerce Wishlist allows SQL Injection.This issue affects TI WooCommerce W…
|
CWE-89
SQL Injection
|
CVE-2024-43917
|
2024-09-20 06:46 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2020
|
9.8 |
CRITICAL
Network
nitropack
|
nitropack
|
Improper Control of Generation of Code ('Code Injection') vulnerability in NitroPack Inc. NitroPack allows Code Injection.This issue affects NitroPack: from n/a through 1.16.7.
|
CWE-94
Code Injection
|
CVE-2024-43922
|
2024-09-20 06:44 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|