801
|
5.3 |
MEDIUM
Network
-
|
-
|
The Community by PeepSo – Social Network, Membership, Registration, User Profiles plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 6.4.6.0. This is due…
|
CWE-200
Information Exposure
|
CVE-2024-7426
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
802
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Premium Packages – Sell Digital Products Securely plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.9.1. This is due to missing nonce valida…
|
CWE-352
Origin Validation Error
|
CVE-2024-7386
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
803
|
5.3 |
MEDIUM
Network
-
|
-
|
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.6.1 via the woof_messenger_re…
|
CWE-862
Missing Authorization
|
CVE-2024-7491
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
804
|
6.3 |
MEDIUM
Network
|
-
|
-
|
The Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table. plugin for WordPress is vulnerable to unauthorized…
|
CWE-862
Missing Authorization
|
CVE-2024-6590
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
805
|
- |
|
-
|
-
|
Flowise < 2.1.1 suffers from a Stored Cross-Site vulnerability due to a lack of input sanitization in Flowise Chat Embed < 2.0.0.
|
-
|
CVE-2024-9148
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
806
|
- |
|
-
|
-
|
External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows Manipulating Web Input to File System Calls.Thi…
|
CWE-73 CWE-732
External Control of File Name or Path Incorrect Permission Assignment for Critical Resource
|
CVE-2024-9142
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
807
|
- |
|
-
|
-
|
Cross-Site Scripting (XSS) vulnerability in the Oct8ne system. This flaw could allow an attacker to embed harmful JavaScript code into the body of a chat message. This manipulation occurs when the ch…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9141
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
808
|
- |
|
-
|
-
|
Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
|
-
|
CVE-2024-9123
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
809
|
- |
|
-
|
-
|
Type Confusion in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
|
-
|
CVE-2024-9122
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
810
|
- |
|
-
|
-
|
Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security sev…
|
-
|
CVE-2024-9121
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|