701
|
7.2 |
HIGH
Network
|
-
|
-
|
The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 5.2.8 via the 'fma_locale' parameter. This makes it possible for …
|
-
|
CVE-2024-8704
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
702
|
7.5 |
HIGH
Network
|
-
|
-
|
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.8. This makes it possible for a…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8126
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
703
|
- |
|
-
|
-
|
Rate limit vulnerability in Clibo Manager v1.1.9.2 that could allow an attacker to send a large number of emails to the victim in a short time, affecting availability and leading to a denial of servi…
|
CWE-799
Improper Control of Interaction Frequency
|
CVE-2024-9199
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
704
|
- |
|
-
|
-
|
Vulnerability in Clibo Manager v1.1.9.1 that could allow an attacker to execute an stored Cross-Site Scripting (stored XSS ) by uploading a malicious .svg image in the section: Profile > Profile pict…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9198
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
705
|
- |
|
-
|
-
|
The GF Custom Style plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0 due to insufficient input sanitization and output …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9173
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
706
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘alignment’ parameter in all versions up to, and including, 3.0.0 due to insufficient input sanitizati…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9127
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
707
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The king_IE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9125
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
708
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Mapplic Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output esc…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9117
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
709
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Common Tools for Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitization and…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9115
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
710
|
7.2 |
HIGH
Network
-
|
-
|
The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a spoofed HTTP Header value in versions up to, and including, 1.0 due to insufficient input sanitization a…
|
CWE-79
Cross-site Scripting
|
CVE-2022-4541
|
2024-09-26 22:32 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|