|
1171
|
5.4 |
MEDIUM
Network
|
theeventscalendar
|
the_events_calendar
|
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Event Calendar Link Widget through the html_tag attribute in all versions up to, and including, 6.9.0…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12118
|
2025-02-1 01:12 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1172
|
5.4 |
MEDIUM
Network
|
videowhisper
|
broadcast_live_video
|
The Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisper_hls' shortcode in all versi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12504
|
2025-02-1 01:05 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1173
|
6.5 |
MEDIUM
Network
|
tainacan
|
tainacan
|
The Tainacan plugin for WordPress is vulnerable to SQL Injection via the 'collection_id' parameter in all versions up to, and including, 0.21.12 due to insufficient escaping on the user supplied para…
|
CWE-89
SQL Injection
|
CVE-2024-13236
|
2025-02-1 01:03 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1174
|
5.4 |
MEDIUM
Network
|
pluginus
|
meta_data_and_taxonomies_filter
|
The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdf_results_by_ajax' shortcode in all versions up to, and including, 1.3…
|
CWE-79
Cross-site Scripting
|
CVE-2024-13340
|
2025-02-1 01:02 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1175
|
5.4 |
MEDIUM
Network
|
cliptakes
|
cliptakes
|
The Cliptakes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cliptakes_input_email' shortcode in all versions up to, and including, 1.3.4 due to insufficient inpu…
|
CWE-79
Cross-site Scripting
|
CVE-2024-13389
|
2025-02-1 00:59 |
2025-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1176
|
7.5 |
HIGH
Network
-
|
-
|
IBM Security Verify Directory 10.0 through 10.0.3 is vulnerable to a denial of service when sending an LDAP extended operation.
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2024-45650
|
2025-02-1 00:15 |
2025-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1177
|
- |
|
-
|
-
|
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 39378.
|
CWE-426
Untrusted Search Path
|
CVE-2025-24827
|
2025-02-1 00:15 |
2025-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1178
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to modify protected parts of t…
|
NVD-CWE-noinfo
|
CVE-2025-24114
|
2025-01-31 23:51 |
2025-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1179
|
4.4 |
MEDIUM
Local
|
apple
|
macos
|
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to bypass Privacy preferen…
|
NVD-CWE-noinfo
|
CVE-2025-24116
|
2025-01-31 23:44 |
2025-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1180
|
5.5 |
MEDIUM
Local
|
apple
|
iphone_os
visionos
macos
tvos
ipados
|
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura 13.7.3, macOS Sonoma 14.7.3, visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3. P…
|
NVD-CWE-noinfo
|
CVE-2025-24127
|
2025-01-31 23:42 |
2025-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
