451
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Click to Chat – WP Support All-in-One Floating Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpsaio_snapchat shortcode in all versions up to, and inclu…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10055
|
2024-10-18 17:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
452
|
- |
|
-
|
-
|
A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. The issue arises when the product blocks a connection due to an untrusted server certificate but allows the…
|
CWE-295
Improper Certificate Validation
|
CVE-2023-6058
|
2024-10-18 17:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
453
|
- |
|
-
|
-
|
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of certificates issued using the DSA signature algorithm. The product…
|
CWE-295
Improper Certificate Validation
|
CVE-2023-6057
|
2024-10-18 17:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
454
|
- |
|
-
|
-
|
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificat…
|
CWE-295
Improper Certificate Validation
|
CVE-2023-6056
|
2024-10-18 17:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
455
|
- |
|
-
|
-
|
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate …
|
CWE-295
Improper Certificate Validation
|
CVE-2023-6055
|
2024-10-18 17:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
456
|
- |
|
-
|
-
|
A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM S…
|
CWE-295
Improper Certificate Validation
|
CVE-2023-49567
|
2024-10-18 17:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
457
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'button' shortcode in all versions up to, and including, 2.1.12 due to insufficient input san…
|
-
|
CVE-2024-9703
|
2024-10-18 16:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
458
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The MAS Companies For WP Job Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9206
|
2024-10-18 16:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
459
|
- |
|
-
|
-
|
Stored cross-site scripting vulnerability exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. When accessing the edit screen containing custom columns (column type: images or files), …
|
-
|
CVE-2024-47793
|
2024-10-18 15:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
460
|
- |
|
-
|
-
|
Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and…
|
-
|
CVE-2024-46897
|
2024-10-18 15:15 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|