361
|
5.3 |
MEDIUM
Network
revolut
|
revolut_gateway_for_woocommerce
|
The Revolut Gateway for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wc/v3/revolut REST API endpoint in all versions u…
Update
|
CWE-862
Missing Authorization
|
CVE-2024-8678
|
2024-10-3 04:06 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
362
|
5.4 |
MEDIUM
Network
|
livemeshelementor
|
addons_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for Elementor allows Stored XSS.This issue affects Livemesh Addon…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-47303
|
2024-10-3 04:00 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
363
|
5.4 |
MEDIUM
Network
|
wpmet
|
elementskit_elementor_addons
|
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video widget in all versions up to, and including, 3.2.7 due to insufficient input …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8546
|
2024-10-3 03:56 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
364
|
5.4 |
MEDIUM
Network
|
livemeshelementor
|
addons_for_elementor
|
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘piechart_settings’ parameter in all versions up to, and including, 8.5 due to insufficient …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-8858
|
2024-10-3 03:41 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
365
|
5.3 |
MEDIUM
Network
mycred
|
mycred
|
The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification plugin for WordPress…
Update
|
CWE-862
Missing Authorization
|
CVE-2024-8658
|
2024-10-3 03:36 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
366
|
7.8 |
HIGH
Local
|
google
|
android
|
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
Update
|
CWE-862
Missing Authorization
|
CVE-2023-38464
|
2024-10-3 03:35 |
2023-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
367
|
7.5 |
HIGH
Network
stormshield
|
stormshield_network_security
|
ASQ in Stormshield Network Security (SNS) 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP packet.
Update
|
NVD-CWE-noinfo
|
CVE-2023-26095
|
2024-10-3 03:35 |
2023-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
368
|
7.5 |
HIGH
Network
arraynetworks
|
arrayos_ag
|
Array AG OS before 9.4.0.499 allows denial of service: remote attackers can cause system service processes to crash through abnormal HTTP operations.
Update
|
NVD-CWE-noinfo
|
CVE-2023-41121
|
2024-10-3 03:35 |
2023-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
369
|
7.5 |
HIGH
Network
mitel
|
mivoice_connect
|
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper…
Update
|
NVD-CWE-noinfo
|
CVE-2023-39289
|
2024-10-3 03:35 |
2023-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
370
|
7.5 |
HIGH
Network
adguard-dns
|
adguard_dns
|
AdGuard DNS before 2.2 allows remote attackers to cause a denial of service via malformed UDP packets.
Update
|
NVD-CWE-noinfo
|
CVE-2023-41173
|
2024-10-3 03:35 |
2023-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|