2261
|
7.5 |
HIGH
Network
apollographql
|
apollo-router apollo_helms-charts_router apollo_router
|
The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Instances of the Apollo Router running versions >=…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-43783
|
2024-09-13 06:33 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2262
|
7.5 |
HIGH
Network
apollographql
|
apollo_router apollo_helms-charts_router apollo-router apollo_query-planner apollo_gateway
|
Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Each team can own their slice of the graph independently, empowering them to deliver autonomously and incre…
|
CWE-674
Uncontrolled Recursion
|
CVE-2024-43414
|
2024-09-13 06:33 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2263
|
5.4 |
MEDIUM
Network
|
wpmanageninja
|
ninja_tables
|
The Ninja Tables – Easiest Data Table Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.12 due to insufficient i…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7304
|
2024-09-13 06:32 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2264
|
5.4 |
MEDIUM
Network
|
jegtheme
|
jeg_elementor_kit
|
The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.6.7 due to insufficient input sanitization and out…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6804
|
2024-09-13 06:31 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2265
|
9.8 |
CRITICAL
Network
bylancer
|
quicklancer
|
A vulnerability was found in Bylancer Quicklancer 2.4. It has been rated as critical. This issue affects some unknown processing of the file /listing of the component GET Parameter Handler. The manip…
|
CWE-89
SQL Injection
|
CVE-2024-7188
|
2024-09-13 06:31 |
2024-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2266
|
8.8 |
HIGH
Network
|
naiches
|
dark_mode_for_wp_dashboard
|
Cross-Site Request Forgery (CSRF) vulnerability in Naiche Dark Mode for WP Dashboard.This issue affects Dark Mode for WP Dashboard: from n/a through 1.2.3.
|
CWE-352
Origin Validation Error
|
CVE-2024-43325
|
2024-09-13 06:28 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2267
|
7.8 |
HIGH
Local
|
skygroup
|
skysea_client_view
|
Origin validation error vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this vulnerability is exploited, an arbitrary process may be executed with SYSTEM privilege by a …
|
CWE-346
Origin Validation Error
|
CVE-2024-41143
|
2024-09-13 06:27 |
2024-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2268
|
4.3 |
MEDIUM
Network
|
checkoutplugins
|
stripe_payments_for_woocommerce
|
Cross-Site Request Forgery (CSRF) vulnerability in Checkout Plugins Stripe Payments For WooCommerce by Checkout.This issue affects Stripe Payments For WooCommerce by Checkout: from n/a through 1.9.1.
|
CWE-352
Origin Validation Error
|
CVE-2024-43316
|
2024-09-13 06:26 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2269
|
5.4 |
MEDIUM
Network
|
fontsplugin
|
fonts_plugin
|
Cross-Site Request Forgery (CSRF) vulnerability in Fonts Plugin Fonts allows Stored XSS.This issue affects Fonts: from n/a through 3.7.7.
|
CWE-352
Origin Validation Error
|
CVE-2024-43301
|
2024-09-13 06:24 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2270
|
7.5 |
HIGH
Network
theme-sphere
|
smartmag
|
Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability in ThemeSphere SmartMag allows Excavation, Accessing Functionality Not Properly Constrained by ACLs.Thi…
|
CWE-862
Missing Authorization
|
CVE-2024-37930
|
2024-09-13 06:24 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|