|
261
|
5.3 |
MEDIUM
Network
-
|
-
|
The WP Hotel Booking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check when adding rooms in all versions up to, and including, 2.1.5. This make…
|
CWE-284
Improper Access Control
|
CVE-2024-12370
|
2025-01-17 18:15 |
2025-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
262
|
- |
|
-
|
-
|
CWE-131: Incorrect Calculation of Buffer Size vulnerability exists that could cause Denial-of-Service of the
product when an unauthenticated user is sending a crafted HTTPS packet to the webserver.
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2024-11425
|
2025-01-17 18:15 |
2025-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263
|
- |
|
-
|
-
|
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that
could allow local attackers to exploit these issues to potentially execute arbitrary code wh…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2024-11139
|
2025-01-17 18:15 |
2025-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2025-21630
|
2025-01-17 18:15 |
2025-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The quote-posttype-plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Author field in all versions up to, and including, 1.2.2 due to insufficient input sanitization and…
|
CWE-79
Cross-site Scripting
|
CVE-2024-13386
|
2025-01-17 16:15 |
2025-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266
|
6.5 |
MEDIUM
Network
|
-
|
-
|
The Sandbox plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the export_download action in all versions up to, and including, 0.4. This makes it possible…
|
CWE-862
Missing Authorization
|
CVE-2024-13367
|
2025-01-17 16:15 |
2025-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Sandbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'debug' parameter in all versions up to, and including, 0.4 due to insufficient input sanitization and output …
|
CWE-79
Cross-site Scripting
|
CVE-2024-13366
|
2025-01-17 16:15 |
2025-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268
|
5.3 |
MEDIUM
Network
-
|
-
|
The Moving Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.05 via the export functionality. The JSON files are stored in predictable…
|
CWE-200
Information Exposure
|
CVE-2024-12637
|
2025-01-17 16:15 |
2025-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
269
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The MyBookProgress by Stormhill Media plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘book’ parameter in all versions up to, and including, 1.0.8 due to insufficient input …
|
CWE-79
Cross-site Scripting
|
CVE-2024-12598
|
2025-01-17 16:15 |
2025-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Glofox Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'glofox' and 'glofox_lead_capture ' shortcodes in all versions up to, and including, 2.6 due t…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12508
|
2025-01-17 16:15 |
2025-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
