|
611
|
8.5 |
HIGH
Network
|
-
|
-
|
The W3 Total Cache plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the is_w3tc_admin_page function in all versions up to, and including, 2.8.1. …
New
|
CWE-862
Missing Authorization
|
CVE-2024-12365
|
2025-01-14 16:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
612
|
5.3 |
MEDIUM
Network
-
|
-
|
The W3 Total Cache plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.8.1 through the publicly exposed debug log file. This makes it possible for unaut…
New
|
CWE-200
Information Exposure
|
CVE-2024-12008
|
2025-01-14 16:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
613
|
5.3 |
MEDIUM
Network
-
|
-
|
The W3 Total Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.8.1. This mak…
New
|
CWE-862
Missing Authorization
|
CVE-2024-12006
|
2025-01-14 16:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
614
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'booking' shortcode in all versions up to, and including, 10.9.2 due to insufficient input s…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-13323
|
2025-01-14 15:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
615
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Smart Agenda – Prise de rendez-vous en ligne plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.7. This is due to missing or incorrect nonce …
New
|
CWE-352
Origin Validation Error
|
CVE-2024-13348
|
2025-01-14 13:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
616
|
8.8 |
HIGH
Network
|
-
|
-
|
An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allo…
New
|
CWE-269
Improper Privilege Management
|
CVE-2024-12398
|
2025-01-14 11:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
617
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid…
New
|
-
|
CVE-2024-11637
|
2025-01-14 11:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
618
|
- |
|
-
|
-
|
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `remuneracao.php` endp…
New
|
CWE-79
Cross-site Scripting
|
CVE-2025-23038
|
2025-01-14 10:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
619
|
- |
|
-
|
-
|
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `control.php` endpoint…
New
|
CWE-79
Cross-site Scripting
|
CVE-2025-23037
|
2025-01-14 10:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
620
|
- |
|
-
|
-
|
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `pre_cadastro_funci…
New
|
CWE-79
Cross-site Scripting
|
CVE-2025-23036
|
2025-01-14 10:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
