|
2271
|
- |
|
-
|
-
|
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the device is unable to boot up through out-of-bounds write.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47398
|
2025-01-7 17:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2272
|
- |
|
-
|
-
|
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause information leak through out-of-bounds Read.
|
CWE-125
Out-of-bounds Read
|
CVE-2024-45070
|
2025-01-7 17:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2273
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Coupon Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Coupon Code' parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization …
|
CWE-79
Cross-site Scripting
|
CVE-2024-12516
|
2025-01-7 17:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2274
|
8.8 |
HIGH
Network
|
-
|
-
|
The Croma Music plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'ironMusic_ajax' function in all…
|
CWE-862
Missing Authorization
|
CVE-2024-12202
|
2025-01-7 17:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2275
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Booking Calendar and Booking Calendar Pro plugins for WordPress are vulnerable to Reflected Cross-Site Scripting via the ‘calendar_id’ parameter in all versions up to, and including, 3.2.19 and 1…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12077
|
2025-01-7 17:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2276
|
5.3 |
MEDIUM
Network
-
|
-
|
The Export Import Menus plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the dsp_export_import_menus() function in all versions up to, and includ…
|
CWE-862
Missing Authorization
|
CVE-2024-10866
|
2025-01-7 17:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2277
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Tooltip…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9502
|
2025-01-7 16:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2278
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Estatik Mortgage Calculator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'color' parameter in all versions up to, and including, 2.0.11 due to insufficient input s…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9354
|
2025-01-7 16:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2279
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Aurum - WordPress & WooCommerce Shopping Theme theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'lab_1cl_demo_install_package_conten…
|
CWE-862
Missing Authorization
|
CVE-2024-12781
|
2025-01-7 16:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2280
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Sina Extension for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Sina Image Differ widget in all versions up to, and including, 3.5.91 due to insuff…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12624
|
2025-01-7 16:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
