|
1971
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Waitlist Woocommerce ( Back in stock notifier ) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8724
|
2024-09-14 13:15 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1972
|
9.1 |
CRITICAL
Network
|
-
|
-
|
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to SQL Injection via the 'options' parameter passed to the backuply_wp_clone_sql() function in all versions up to,…
|
CWE-89
SQL Injection
|
CVE-2024-8669
|
2024-09-14 13:15 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1973
|
7.3 |
HIGH
Network
-
|
-
|
The The Simple Spoiler plugin for WordPress is vulnerable to arbitrary shortcode execution in versions 1.2 to 1.3. This is due to the plugin adding the filter add_filter('comment_text', 'do_shortcode…
|
CWE-94
Code Injection
|
CVE-2024-8479
|
2024-09-14 13:15 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1974
|
8.8 |
HIGH
Network
|
-
|
-
|
The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to privilege escalation in all versions up to…
|
CWE-269
Improper Privilege Management
|
CVE-2024-8246
|
2024-09-14 13:15 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1975
|
- |
|
-
|
-
|
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA…
|
CWE-208
Information Exposure Through Timing Discrepancy
|
CVE-2024-2236
|
2024-09-14 13:15 |
2024-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1976
|
- |
|
-
|
-
|
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_var…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-8775
|
2024-09-14 12:15 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1977
|
- |
|
-
|
-
|
The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.1. This is due to the soft…
|
CWE-94
Code Injection
|
CVE-2024-8271
|
2024-09-14 12:15 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1978
|
5.3 |
MEDIUM
Network
-
|
-
|
The WooCommerce Multiple Free Gift plugin for WordPress is vulnerable to gift manipulation in all versions up to, and including, 1.2.3. This is due to plugin not enforcing server-side checks on the p…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2022-3459
|
2024-09-14 12:15 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1979
|
8.1 |
HIGH
Network
|
openbsd
redhat
suse
debian
canonical
amazon
netapp
freebsd
netbsd
|
openssh
openshift_container_platform
enterprise_linux
enterprise_linux_for_arm_64
enterprise_linux_for_power_little_endian
enterprise_linux_for_ibm_z_systems
enterprise_linux_for_po…
|
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote a…
|
CWE-362
Race Condition
|
CVE-2024-6387
|
2024-09-14 12:15 |
2024-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1980
|
7.5 |
HIGH
Network
gnu
redhat
|
glibc
enterprise_linux
|
A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2023-5156
|
2024-09-14 12:15 |
2023-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
