|
1651
|
- |
|
-
|
-
|
A floating-point exception (FPE) vulnerability exists in the AP4_TfraAtom::AP4_TfraAtom function in Bento4.
|
-
|
CVE-2024-57513
|
2025-02-1 05:15 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1652
|
4.3 |
MEDIUM
Network
|
visualmodo
|
borderless
|
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'remove_zi…
|
CWE-862
Missing Authorization
|
CVE-2024-11583
|
2025-02-1 05:03 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1653
|
7.2 |
HIGH
Network
|
visualmodo
|
borderless
|
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.5.9 via the 'wr…
|
CWE-94
Code Injection
|
CVE-2024-11600
|
2025-02-1 05:02 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1654
|
4.3 |
MEDIUM
Network
|
seventhqueen
|
typer_core
|
The Typer Core plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.6 via the 'elementor-template' shortcode due to insufficient restrictions on which …
|
NVD-CWE-noinfo
|
CVE-2024-12102
|
2025-02-1 05:01 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1655
|
6.1 |
MEDIUM
Network
|
wpmessiah
|
ai_image_alt_text_generator_for_wp
|
The Ai Image Alt Text Generator for WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.2 due to insufficient in…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12177
|
2025-02-1 04:49 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1656
|
7.5 |
HIGH
Network
wpmessiah
|
safe_ai_malware_protection_for_wp
|
The Safe Ai Malware Protection for WP plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_db() function in all versions up to, and includ…
|
CWE-862
Missing Authorization
|
CVE-2024-12269
|
2025-02-1 04:44 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1657
|
6.5 |
MEDIUM
Network
|
villatheme
|
w2s
|
The W2S – Migrate WooCommerce to Shopify plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.2.1 via the 'viw2s_view_log' AJAX action. This makes it poss…
|
NVD-CWE-noinfo
|
CVE-2024-12861
|
2025-02-1 04:01 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1658
|
5.4 |
MEDIUM
Network
|
proxymis
|
html5_chat
|
The HTML5 chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'HTML5CHAT' shortcode in all versions up to, and including, 1.04 due to insufficient input sanitizati…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12451
|
2025-02-1 03:55 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1659
|
5.4 |
MEDIUM
Network
|
wpdispensary
|
wp_dispensary
|
The WP Dispensary plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpd_menu' shortcode in all versions up to, and including, 4.5.0 due to insufficient input sanitiz…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12444
|
2025-02-1 03:45 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1660
|
6.1 |
MEDIUM
Network
|
shoalsummitsolutions
|
team_rosters
|
The Team Rosters plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ parameter in all versions up to, and including, 4.7 due to insufficient input sanitization and outp…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12320
|
2025-02-1 03:25 |
2025-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
