301
|
6.1 |
MEDIUM
Network
|
objectiv
|
simple_ldap_login
|
The Simple LDAP Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8715
|
2024-10-1 23:37 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
302
|
- |
|
-
|
-
|
The Slider by 10Web WordPress plugin before 1.2.59 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting atta…
New
|
-
|
CVE-2024-8283
|
2024-10-1 23:35 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
303
|
- |
|
-
|
-
|
The Starbox WordPress plugin before 3.5.3 does not properly render social media profiles URLs in certain contexts, like the malicious user's profile or pages where the starbox shortcode is used, whi…
New
|
-
|
CVE-2024-8239
|
2024-10-1 23:35 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
304
|
5.3 |
MEDIUM
Network
perforce
|
akana_api
|
In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations
Update
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-5250
|
2024-10-1 23:33 |
2024-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
305
|
5.4 |
MEDIUM
Network
|
garrettgrimm
|
simple_popup_plugin
|
The Simple Popup Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [popup] shortcode in all versions up to, and including, 4.5 due to insufficient input saniti…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8547
|
2024-10-1 23:32 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
306
|
9.8 |
CRITICAL
Network
givewp
|
givewp
|
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input vi…
Update
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-8353
|
2024-10-1 23:31 |
2024-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
307
|
7.5 |
HIGH
Network
huawei
|
harmonyos emui
|
Access permission verification vulnerability in the App Multiplier module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Update
|
NVD-CWE-noinfo
|
CVE-2024-9136
|
2024-10-1 23:28 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
308
|
7.5 |
HIGH
Network
huawei
|
emui harmonyos
|
Access permission verification vulnerability in the input method framework module
Impact: Successful exploitation of this vulnerability may affect availability.
Update
|
NVD-CWE-noinfo
|
CVE-2024-47294
|
2024-10-1 23:27 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
309
|
7.5 |
HIGH
Network
perforce
|
akana_api
|
In versions of Akana API Platform prior to 2024.1.0, SAML tokens can be replayed.
Update
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2024-5249
|
2024-10-1 23:26 |
2024-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
310
|
7.5 |
HIGH
Network
huawei
|
harmonyos emui
|
Out-of-bounds write vulnerability in the HAL-WIFI module
Impact: Successful exploitation of this vulnerability may affect availability.
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47293
|
2024-10-1 23:25 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|