431
|
5.4 |
MEDIUM
Network
|
samiahmedsiddiqui
|
custom_permalinks
|
The Custom Permalinks plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.6.0 due to insufficient input sanitization and output escaping on tag names…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2023-0926
|
2024-09-27 10:01 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
432
|
5.4 |
MEDIUM
Network
|
dfactory
|
responsive_lightbox
|
The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 2.4.7 due to insufficient input sanitization…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-6870
|
2024-09-27 09:52 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
433
|
5.4 |
MEDIUM
Network
|
posimyth
|
the_plus_addons_for_elementor
|
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the carousel_direction para…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-5583
|
2024-09-27 09:47 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
434
|
8.1 |
HIGH
Network
|
pixeljar
|
favicon_generator
|
The Favicon Generator plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the output_sub_ad…
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-7568
|
2024-09-27 09:41 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
435
|
9.8 |
CRITICAL
Network
tosei-corporation
|
online_store_management_system
|
A vulnerability classified as critical was found in Tosei Online Store Management System ??????????? 4.02/4.03/4.04. This vulnerability affects unknown code of the component Backend. The manipulation…
Update
|
NVD-CWE-noinfo
|
CVE-2024-7898
|
2024-09-27 09:34 |
2024-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
436
|
8.8 |
HIGH
Network
|
tosei
|
online_store_management_system
|
A vulnerability classified as critical has been found in Tosei Online Store Management System ??????????? 4.02/4.03/4.04. This affects an unknown part of the file /cgi-bin/tosei_kikai.php. The manipu…
Update
|
CWE-77
Command Injection
|
CVE-2024-7897
|
2024-09-27 09:29 |
2024-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
437
|
- |
|
-
|
-
|
Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1 in specific conditions it was possible to disclose to an unauth…
New
|
-
|
CVE-2024-8974
|
2024-09-27 08:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
438
|
- |
|
-
|
-
|
An issue has been discovered in GitLab EE affecting all versions starting from 16.0 prior to 17.2.8, from 17.3 prior to 17.3.4, and from 17.4 prior to 17.4.1. An AI feature was found to read unsaniti…
New
|
-
|
CVE-2024-4099
|
2024-09-27 08:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
439
|
- |
|
-
|
-
|
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs?. The memory leak happens in git…
Update
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-1394
|
2024-09-27 08:15 |
2024-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
440
|
5.4 |
MEDIUM
Network
|
risethemes
|
rt_easy_builder
|
The RT Easy Builder – Advanced addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2.2 due to insuffi…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-2254
|
2024-09-27 07:36 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|