2081
|
9.8 |
CRITICAL
Network
adobe
|
coldfusion
|
ColdFusion versions 2023.9, 2021.15 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. An …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-41874
|
2024-09-14 01:57 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2082
|
7.5 |
HIGH
Network
adobe
|
coldfusion
|
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Authentication vulnerability that could result in privilege escalation. An attacker could exploit this vulnerability to gai…
|
CWE-287
Improper Authentication
|
CVE-2024-45113
|
2024-09-14 01:56 |
2024-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2083
|
- |
|
-
|
-
|
Titan SFTP and Titan MFT Server 2.0.25.2426 and earlier have a vulnerability a vulnerability where sensitive information, including passwords, is exposed in clear text within the JSON response when c…
|
-
|
CVE-2024-44685
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2084
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Email Obfuscate Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'email-obfuscate' shortcode in all versions up to, and including, 2.0 due to insuffici…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8747
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2085
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The PDF Thumbnail Generator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and inc…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8737
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2086
|
- |
|
-
|
-
|
The Lucas String Replace plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and includ…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8734
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2087
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Roles & Capabilities plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and includ…
|
-
|
CVE-2024-8732
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2088
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Cron Jobs plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.2.9.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8731
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2089
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Exit Notifier plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8730
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2090
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The WordPress Affiliates Plugin — SliceWP Affiliates plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8714
|
2024-09-14 01:37 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|