311
|
- |
|
-
|
-
|
An improper error handling vulnerability in LabVIEW may result in remote code execution. Successful exploitation requires an attacker to provide a user with a specially crafted VI. This vulnerabili…
Update
|
-
|
CVE-2024-23609
|
2024-10-11 06:15 |
2024-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
312
|
5.5 |
MEDIUM
Local
|
ni
|
topografix_data_plugin diadem veristand flexlogger
|
An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially cra…
Update
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2023-5136
|
2024-10-11 06:15 |
2023-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
313
|
6.5 |
MEDIUM
Network
|
shilpi
|
client_dashboard
|
This vulnerability exists in Shilpi Client Dashboard due to improper handling of multiple parameters in the API endpoint. An authenticated remote attacker could exploit this vulnerability by includin…
Update
|
NVD-CWE-Other
|
CVE-2024-47651
|
2024-10-11 06:01 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
314
|
5.4 |
MEDIUM
Network
|
prontotools
|
login_logout_shortcode
|
The Login Logout Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitizati…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9421
|
2024-10-11 05:59 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
315
|
5.4 |
MEDIUM
Network
|
acekyd
|
display_medium_posts
|
The Display Medium Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's display_medium_posts shortcode in all versions up to, and including, 5.0.1 due to insuffici…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9445
|
2024-10-11 05:58 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
316
|
5.4 |
MEDIUM
Network
|
davidartiss
|
code_embed
|
The Code Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's script embed functionality in all versions up to, and including, 2.4 due to insufficient restrictions…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8804
|
2024-10-11 05:56 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
317
|
6.1 |
MEDIUM
Network
|
wpfactory
|
quantity_dynamic_pricing_\&_bulk_discounts_for_woocommerce
|
The Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9384
|
2024-10-11 05:52 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
318
|
6.1 |
MEDIUM
Network
|
techbanker
|
captcha_bank
|
The WordPress Captcha Plugin by Captcha Bank plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versio…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9375
|
2024-10-11 05:44 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
319
|
5.4 |
MEDIUM
Network
|
wpblockshub
|
wp_blocks_hub
|
The WP Blocks Hub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9372
|
2024-10-11 05:36 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
320
|
5.4 |
MEDIUM
Network
|
miguelmello
|
aggregator_advanced_settings
|
The Aggregator Advanced Settings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitizat…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9368
|
2024-10-11 05:30 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|