2271
|
5.4 |
MEDIUM
Network
|
bdthemes
|
element_pack
|
The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Open Map Widget'…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9867
|
2024-11-9 01:00 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2272
|
5.4 |
MEDIUM
Network
|
bdthemes
|
element_pack
|
The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip' paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9657
|
2024-11-9 01:00 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2273
|
4.3 |
MEDIUM
Network
|
g5plus
|
ultimate_bootstrap_elements_for_elementor
|
The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the 'ube_get_page_templates' functio…
|
NVD-CWE-noinfo
|
CVE-2024-10329
|
2024-11-9 00:59 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2274
|
7.3 |
HIGH
Network
tickera
|
tickera
|
The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.5.4.4. This is due to the software allowing users t…
|
CWE-94
Code Injection
|
CVE-2024-10263
|
2024-11-9 00:59 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2275
|
9.8 |
CRITICAL
Network
widgilabs
|
plugin_propagator
|
Unrestricted Upload of File with Dangerous Type vulnerability in WidgiLabs Plugin Propagator allows Upload a Web Shell to a Web Server.This issue affects Plugin Propagator: from n/a through 0.1.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50495
|
2024-11-9 00:58 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2276
|
4.3 |
MEDIUM
Network
|
themeum
|
wp_crowdfunding
|
Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Crowdfunding: from n/a through 2.1.10.
|
CWE-862
Missing Authorization
|
CVE-2024-43937
|
2024-11-9 00:57 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2277
|
5.3 |
MEDIUM
Network
combodo
|
itop
|
Combodo iTop is a simple, web based IT Service Management tool. Unauthenticated user can perform users enumeration, which can make it easier to bruteforce a valid account. As a fix the sentence displ…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-51739
|
2024-11-9 00:56 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2278
|
4.1 |
MEDIUM
Network
|
nvidia
|
nvidia_container_toolkit nvidia_gpu_operator
|
NVIDIA Container Toolkit and NVIDIA GPU Operator for Linux contain a UNIX vulnerability where a specially crafted container image can lead to the creation of unauthorized files on the host. The name …
|
NVD-CWE-Other
|
CVE-2024-0134
|
2024-11-9 00:53 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2279
|
6.1 |
MEDIUM
Network
|
hashicorp
|
consul
|
A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10086
|
2024-11-9 00:49 |
2024-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2280
|
10.0 |
CRITICAL
Network
webandprint
|
ar
|
Unrestricted Upload of File with Dangerous Type vulnerability in Web and Print Design AR For WordPress allows Upload a Web Shell to a Web Server.This issue affects AR For WordPress: from n/a through …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50496
|
2024-11-9 00:49 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|