1161
|
7.2 |
HIGH
Network
|
advancedfilemanager
|
advanced_file_manager
|
The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 5.2.8 via the 'fma_locale' parameter. This makes it possible for …
|
CWE-22
Path Traversal
|
CVE-2024-8704
|
2024-10-1 23:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1162
|
7.5 |
HIGH
Network
redhat
|
keycloak single_sign-on
|
A denial of service vulnerability was found in keycloak where the amount of attributes per object is not limited,an attacker by sending repeated HTTP requests could cause a resource exhaustion when t…
|
NVD-CWE-noinfo
|
CVE-2023-6841
|
2024-10-1 23:15 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1163
|
6.1 |
MEDIUM
Network
|
redhat
|
build_of_keycloak keycloak
|
An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the referrer and referrer_uri parameters are made to trick a user to visit a malicious webpage. …
|
CWE-601
Open Redirect
|
CVE-2024-7260
|
2024-10-1 23:15 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1164
|
7.4 |
HIGH
Local
|
redhat fedoraproject
|
shim fedora
|
A buffer overflow was found in Shim in the 32-bit system. The overflow happens due to an addition operation involving a user-controlled value parsed from the PE binary being used by Shim. This value …
|
CWE-787 CWE-190
Out-of-bounds Write Integer Overflow or Wraparound
|
CVE-2023-40548
|
2024-10-1 23:15 |
2024-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1165
|
8.8 |
HIGH
Network
|
advancedfilemanager
|
advanced_file_manager
|
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.8. This makes it possible for a…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8126
|
2024-10-1 23:14 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1166
|
5.4 |
MEDIUM
Network
|
alefypimentel
|
gf_custom_style
|
The GF Custom Style plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0 due to insufficient input sanitization and output …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9173
|
2024-10-1 23:12 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1167
|
5.4 |
MEDIUM
Network
|
codecabin
|
super_testimonials
|
The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘alignment’ parameter in all versions up to, and including, 3.0.0 due to insufficient input sanitizati…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9127
|
2024-10-1 23:09 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1168
|
5.4 |
MEDIUM
Network
|
kingblack
|
king_ie
|
The king_IE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9125
|
2024-10-1 23:00 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1169
|
5.4 |
MEDIUM
Network
|
mapplic
|
mapplic
|
The Mapplic Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output esc…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9117
|
2024-10-1 22:56 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1170
|
5.4 |
MEDIUM
Network
|
chetanvaghela
|
common_tools_for_site
|
The Common Tools for Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitization and…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9115
|
2024-10-1 22:47 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|