1021
|
5.4 |
MEDIUM
Network
|
chetanvaghela
|
common_tools_for_site
|
The Common Tools for Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitization and…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9115
|
2024-10-1 22:47 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1022
|
6.1 |
MEDIUM
Network
|
nitinmaurya
|
wordpress_visitors
|
The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a spoofed HTTP Header value in versions up to, and including, 1.0 due to insufficient input sanitization a…
|
CWE-79
Cross-site Scripting
|
CVE-2022-4541
|
2024-10-1 22:46 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1023
|
5.3 |
MEDIUM
Network
codesupply
|
sight
|
The Sight – Professional Image Gallery and Portfolio plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handler_post_title' function in all ve…
|
CWE-862
Missing Authorization
|
CVE-2024-9025
|
2024-10-1 22:44 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1024
|
6.1 |
MEDIUM
Network
|
bizswoop
|
store_hours_for_woocommerce
|
The Store Hours for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8872
|
2024-10-1 22:42 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1025
|
5.4 |
MEDIUM
Network
|
metagauss
|
profilegrid
|
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.9.3.2 due to incorrect use of the wp_…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8861
|
2024-10-1 22:41 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1026
|
6.3 |
MEDIUM
Network
|
oretnom23
|
railway_reservation_system
|
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. Th…
|
CWE-862
Missing Authorization
|
CVE-2024-9297
|
2024-10-1 22:39 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1027
|
4.3 |
MEDIUM
Network
|
oretnom23
|
railway_reservation_system
|
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /?page=tickets of…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-9298
|
2024-10-1 22:37 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1028
|
5.4 |
MEDIUM
Network
|
oretnom23
|
railway_reservation_system
|
A vulnerability classified as problematic has been found in SourceCodester Online Railway Reservation System 1.0. This affects an unknown part of the file /?page=reserve. The manipulation of the argu…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9299
|
2024-10-1 22:36 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1029
|
6.1 |
MEDIUM
Network
|
oretnom23
|
railway_reservation_system
|
A vulnerability classified as problematic was found in SourceCodester Online Railway Reservation System 1.0. This vulnerability affects unknown code of the file contact_us.php of the component Messag…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9300
|
2024-10-1 22:34 |
2024-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1030
|
8.8 |
HIGH
Network
|
oretnom23
|
employee_and_visitor_gate_pass_logging_system
|
A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/maintenance…
|
CWE-89
SQL Injection
|
CVE-2024-9315
|
2024-10-1 22:33 |
2024-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|