2161
|
8.8 |
HIGH
Network
|
thimpress
|
wp_events_manager
|
The WP Events Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter in all versions up to, and including, 2.1.11 due to insufficient escaping on the user su…
|
CWE-89
SQL Injection
|
CVE-2024-7717
|
2024-09-20 09:08 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2162
|
5.3 |
MEDIUM
Network
wpcerber
|
cerber_security_antispam_\&_malware_scan
|
The WP Cerber Security plugin for WordPress is vulnerable to IP Protection bypass in versions up to, and including 9.4 due to the plugin improperly checking for a visitor's IP address. This makes it …
|
NVD-CWE-noinfo
|
CVE-2022-4100
|
2024-09-20 09:08 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2163
|
5.3 |
MEDIUM
Network
youtag
|
ip-vault-wp-firewall
|
The IP Vault – WP Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1. This is due to insufficient restrictions on where the IP Address informatio…
|
NVD-CWE-Other
|
CVE-2022-4536
|
2024-09-20 09:04 |
2024-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2164
|
6.3 |
MEDIUM
Network
|
microsoft
|
edge_chromium
|
Microsoft Edge (HTML-based) Memory Corruption Vulnerability
|
CWE-787
Out-of-bounds Write
|
CVE-2024-38207
|
2024-09-20 07:15 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2165
|
7.8 |
HIGH
Local
|
microsoft
|
edge_chromium
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
CWE-125
Out-of-bounds Read
|
CVE-2024-38210
|
2024-09-20 07:15 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2166
|
7.8 |
HIGH
Local
|
microsoft
|
edge_chromium
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
CWE-843
Type Confusion
|
CVE-2024-38209
|
2024-09-20 07:15 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2167
|
6.1 |
MEDIUM
Network
|
microsoft
|
edge
|
Microsoft Edge for Android Spoofing Vulnerability
|
CWE-79
Cross-site Scripting
|
CVE-2024-38208
|
2024-09-20 07:15 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2168
|
5.4 |
MEDIUM
Network
|
averta
|
auxinportfolio
|
The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'aux_recent_portfolios_grid' shortcode in all versions up to, and inc…
|
CWE-79
Cross-site Scripting
|
CVE-2024-1384
|
2024-09-20 07:13 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2169
|
5.4 |
MEDIUM
Network
|
wpbeaveraddons
|
powerpack_lite_for_beaver_builder
|
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘type’ parameter in all versions up to, and including, 2.8.3.5 due to insufficien…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7895
|
2024-09-20 07:13 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2170
|
7.5 |
HIGH
Network
squirrly
|
wp_seo_plugin
|
The Premium SEO Pack – WP SEO Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.001. This makes it possible for unauthenticated att…
|
NVD-CWE-noinfo
|
CVE-2024-3679
|
2024-09-20 07:10 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|