311
|
- |
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in Razon Komar Pal Linked Variation for WooCommerce allows Cross Site Request Forgery.This issue affects Linked Variation for WooCommerce: from n/a thr…
New
|
CWE-352
Origin Validation Error
|
CVE-2024-48047
|
2024-10-18 21:52 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
312
|
- |
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ShortPixel ShortPixel Image Optimizer allows Blind SQL Injection.This issue affects ShortPixel Im…
New
|
CWE-89
SQL Injection
|
CVE-2024-48043
|
2024-10-18 21:52 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
313
|
- |
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in Hans Matzen wp-Monalisa allows Cross Site Request Forgery.This issue affects wp-Monalisa: from n/a through 6.4.
New
|
CWE-352
Origin Validation Error
|
CVE-2024-48038
|
2024-10-18 21:52 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
314
|
- |
|
-
|
-
|
: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Fahad Mahmood Keep Backup Daily allows Retrieve Embedded Sensitive Data.This issue affects Keep Backup Da…
New
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2024-48024
|
2024-10-18 21:52 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
315
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Parallax Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's dd-parallax shortcode in all versions up to, and including, 1.8 due to insufficient input sanitiz…
New
|
-
|
CVE-2024-9898
|
2024-10-18 21:52 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
316
|
5.1 |
MEDIUM
Local
|
-
|
-
|
SolarWinds Kiwi CatTools is susceptible to a sensitive data disclosure vulnerability when a non-default setting has been enabled for troubleshooting purposes.
New
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-45713
|
2024-10-18 21:52 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
317
|
- |
|
-
|
-
|
A vulnerability was found in OpenSight Software FlashFXP 5.4.0.3970. It has been classified as critical. Affected is an unknown function in the library libcrypto-1_1.dll of the file FlashFXP.exe. The…
New
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-10068
|
2024-10-18 21:52 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
318
|
7.2 |
HIGH
Network
-
|
-
|
The SendPulse Free Web Push plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.6 due to incorrect use of the wp_kses_allowed_html function. Th…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9184
|
2024-10-18 21:52 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
319
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Fonto – Custom Web Fonts Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanit…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-8920
|
2024-10-18 21:52 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
320
|
- |
|
-
|
-
|
Stored cross-site scripting (XSS) vulnerability on enrollment invitation page. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24.
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-49392
|
2024-10-18 21:52 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|