|
4311
|
5.3 |
MEDIUM
Network
boldgrid
|
w3_total_cache
|
The W3 Total Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 2.8.1. This mak…
|
CWE-862
Missing Authorization
|
CVE-2024-12006
|
2025-01-17 06:30 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
4312
|
5.4 |
MEDIUM
Network
|
themeisle
|
orbit_fox
|
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Table widget in all versions up to, and including, 2.10.43 due to insufficient in…
|
CWE-79
Cross-site Scripting
|
CVE-2025-0311
|
2025-01-17 06:29 |
2025-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4313
|
5.4 |
MEDIUM
Network
|
themeisle
|
orbit_fox
|
The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title_tag’ parameter in all versions up to, and including, 2.10.43 due to insufficient input sani…
|
CWE-79
Cross-site Scripting
|
CVE-2024-13183
|
2025-01-17 06:28 |
2025-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4314
|
7.2 |
HIGH
Network
|
simple-help
|
simplehelp
|
SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This can be exploited to…
|
CWE-59
Link Following
|
CVE-2024-57728
|
2025-01-17 06:24 |
2025-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4315
|
7.5 |
HIGH
Network
simple-help
|
simplehelp
|
SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleH…
|
CWE-22
Path Traversal
|
CVE-2024-57727
|
2025-01-17 06:22 |
2025-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
4316
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kopatheme Kopa Nictitate Toolkit allows Stored XSS.This issue affects Kopa Nictitate Toolkit: fro…
|
CWE-79
Cross-site Scripting
|
CVE-2025-23965
|
2025-01-17 06:15 |
2025-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4317
|
- |
|
-
|
-
|
Missing Authorization vulnerability in Sven Hofmann & Michael Schoenrock Mark Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark Posts: from n/a thr…
|
CWE-862
Missing Authorization
|
CVE-2025-23963
|
2025-01-17 06:15 |
2025-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4318
|
- |
|
-
|
-
|
Missing Authorization vulnerability in Goldstar Goldstar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Goldstar: from n/a through 2.1.1.
|
CWE-862
Missing Authorization
|
CVE-2025-23962
|
2025-01-17 06:15 |
2025-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4319
|
- |
|
-
|
-
|
Missing Authorization vulnerability in WP Tasker WordPress Graphs & Charts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Graphs & Charts: from n…
|
CWE-862
Missing Authorization
|
CVE-2025-23961
|
2025-01-17 06:15 |
2025-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4320
|
- |
|
-
|
-
|
Missing Authorization vulnerability in Sur.ly Sur.ly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sur.ly: from n/a through 3.0.3.
|
CWE-862
Missing Authorization
|
CVE-2025-23957
|
2025-01-17 06:15 |
2025-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
