761
|
9.8 |
CRITICAL
Network
acnoo
|
flutter_api
|
Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API allows Authentication Bypass.This issue affects Acnoo Flutter API: from n/a through 1.0.5.
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-50486
|
2024-10-30 01:07 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
762
|
4.8 |
MEDIUM
Network
|
aftabhusain
|
category_and_taxonomy_meta_fields
|
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image meta field value in the 'wpaft_add_meta_textinput' function in versions up to, an…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9590
|
2024-10-30 01:07 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
763
|
4.8 |
MEDIUM
Network
|
aftabhusain
|
category_and_taxonomy_meta_fields
|
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'new_meta_name' parameter in the 'wpaft_option_page' function in versions up to, and in…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9589
|
2024-10-30 01:07 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
764
|
5.5 |
MEDIUM
Local
|
intel
|
killer proset\/wireless
|
Improper access control for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via lo…
Update
|
NVD-CWE-noinfo
|
CVE-2023-33875
|
2024-10-30 01:07 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
765
|
6.5 |
MEDIUM
Adjacent
|
intel
|
killer proset\/wireless
|
Protection mechanism failure for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service v…
Update
|
NVD-CWE-noinfo
|
CVE-2023-32644
|
2024-10-30 01:07 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
766
|
6.5 |
MEDIUM
Adjacent
|
intel
|
killer proset\/wireless
|
Insufficient adherence to expected conventions for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable d…
Update
|
NVD-CWE-noinfo
|
CVE-2023-32642
|
2024-10-30 01:06 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
767
|
6.5 |
MEDIUM
Adjacent
|
intel
|
killer proset\/wireless
|
Improper initialization for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via ad…
Update
|
CWE-665
Improper Initialization
|
CVE-2023-28720
|
2024-10-30 01:06 |
2024-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
768
|
9.8 |
CRITICAL
Network
pluginus
|
wordpress_meta_data_and_taxonomies_filter
|
Improper Control of Generation of Code ('Code Injection') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Code Injection.This issue affects WordPress Meta Data and…
New
|
CWE-94
Code Injection
|
CVE-2024-50450
|
2024-10-30 01:05 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
769
|
7.2 |
HIGH
Network
|
royal-elementor-addons
|
royal_elementor_addons
|
Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor Addons allows XML Injection.This issue affects Royal Elementor Addons: from n/a through 1.3.980.
New
|
CWE-611
XXE
|
CVE-2024-50442
|
2024-10-30 01:04 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
770
|
4.8 |
MEDIUM
Network
|
aftabhusain
|
category_and_taxonomy_image
|
The Category and Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '_category_image' parameter in versions up to, and including, 1.0.0 due to insufficient input…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9591
|
2024-10-30 01:04 |
2024-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|