1051
|
- |
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mestres do WP Checkout Mestres WP allows PHP Local File Inclusion.This issue affects Checkout Mestres W…
|
-
|
CVE-2024-44030
|
2024-10-5 22:15 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1052
|
6.5 |
MEDIUM
Network
|
online_voting_system_project
|
online_voting_system
|
Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF) via voter.php. This vulnerability allows an attacker to craft a malicious link that, when clicked by a…
|
CWE-352
Origin Validation Error
|
CVE-2024-45987
|
2024-10-5 11:21 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1053
|
4.3 |
MEDIUM
Adjacent
|
gotenna
|
atak_plugin
|
The goTenna Pro ATAK Plugin has a payload length vulnerability that
makes it possible to tell the length of the payload regardless of the
encryption used.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2024-41715
|
2024-10-5 11:16 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1054
|
5.4 |
MEDIUM
Network
|
websevendev
|
attributes_for_blocks
|
The Attributes for Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘attributesForBlocks’ parameter in all versions up to, and including, 1.0.6 due to insufficient inp…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8318
|
2024-10-5 11:10 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1055
|
8.8 |
HIGH
Network
|
mainwp
|
updraftplus_extension
|
Missing Authorization vulnerability in MainWP MainWP UpdraftPlus Extension.This issue affects MainWP UpdraftPlus Extension: from n/a through 4.0.6.
|
CWE-862
Missing Authorization
|
CVE-2023-23640
|
2024-10-5 11:04 |
2024-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1056
|
8.8 |
HIGH
Network
|
androidbubble
|
wp_sort_order
|
Missing Authorization vulnerability in Fahad Mahmood WP Sort Order.This issue affects WP Sort Order: from n/a through 1.3.1.
|
CWE-862
Missing Authorization
|
CVE-2024-31294
|
2024-10-5 11:01 |
2024-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1057
|
8.8 |
HIGH
Network
|
wpxpo
|
postx
|
Missing Authorization vulnerability in Post Grid Team by WPXPO PostX – Gutenberg Blocks for Post Grid.This issue affects PostX – Gutenberg Blocks for Post Grid: from n/a through 3.2.3.
|
CWE-862
Missing Authorization
|
CVE-2024-31246
|
2024-10-5 10:59 |
2024-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1058
|
9.8 |
CRITICAL
Network
mrebabi
|
new_order_notification_for_woocommerce
|
Missing Authorization vulnerability in Mr.Ebabi New Order Notification for Woocommerce.This issue affects New Order Notification for Woocommerce: from n/a through 2.0.2.
|
CWE-862
Missing Authorization
|
CVE-2024-31098
|
2024-10-5 10:54 |
2024-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1059
|
9.8 |
CRITICAL
Network
rems
|
school_task_manager
|
Sourcecodester School Task Manager 1.0 allows SQL Injection via the 'subject' parameter.
|
CWE-89
SQL Injection
|
CVE-2024-24142
|
2024-10-5 10:43 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1060
|
9.8 |
CRITICAL
Network
mainwp
|
staging_extension
|
Missing Authorization vulnerability in MainWP MainWP Staging Extension.This issue affects MainWP Staging Extension: from n/a through 4.0.3.
|
CWE-862
Missing Authorization
|
CVE-2023-23639
|
2024-10-5 10:37 |
2024-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|