2211
|
7.8 |
HIGH
Local
|
-
|
-
|
After Effects versions 23.6.6, 24.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of …
|
-
|
CVE-2024-39381
|
2024-09-13 18:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2212
|
- |
|
-
|
-
|
After Effects versions 23.6.6, 24.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitati…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2024-39380
|
2024-09-13 18:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2213
|
7.8 |
HIGH
Local
|
adobe
|
illustrator
|
Illustrator versions 28.5, 27.9.4, 28.6, 27.9.5 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user…
|
NVD-CWE-noinfo
|
CVE-2024-41856
|
2024-09-13 18:15 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2214
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Filterabl…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8742
|
2024-09-13 16:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2215
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The YITH Custom Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8665
|
2024-09-13 16:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2216
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The WP Test Email plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8664
|
2024-09-13 16:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2217
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The WP Simple Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all v…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8663
|
2024-09-13 16:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2218
|
- |
|
-
|
-
|
The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions like export_forms(…
|
CWE-862
Missing Authorization
|
CVE-2024-7888
|
2024-09-13 16:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2219
|
- |
|
-
|
-
|
The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 27.5.5 due to insufficient input sanitization and output escapi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-5567
|
2024-09-13 16:15 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2220
|
5.4 |
MEDIUM
Network
|
3ds
|
3dexperience
|
A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
|
CWE-79
Cross-site Scripting
|
CVE-2024-7939
|
2024-09-13 16:15 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|