|
315351
|
5.4 |
MEDIUM
Network
|
advancedfilemanager
|
advanced_file_manager
|
Multiple plugins and/or themes for WordPress are vulnerable to Limited File Upload in various versions. This is due to a lack of proper checks to ensure lower-privileged roles cannot upload .css and …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8725
|
2024-10-1 23:16 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315352
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2024-46839
|
2024-10-1 23:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315353
|
7.2 |
HIGH
Network
|
advancedfilemanager
|
advanced_file_manager
|
The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 5.2.8 via the 'fma_locale' parameter. This makes it possible for …
|
CWE-22
Path Traversal
|
CVE-2024-8704
|
2024-10-1 23:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315354
|
7.5 |
HIGH
Network
|
redhat
|
keycloak
single_sign-on
|
A denial of service vulnerability was found in keycloak where the amount of attributes per object is not limited,an attacker by sending repeated HTTP requests could cause a resource exhaustion when t…
|
NVD-CWE-noinfo
|
CVE-2023-6841
|
2024-10-1 23:15 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315355
|
6.1 |
MEDIUM
Network
|
redhat
|
build_of_keycloak
keycloak
|
An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the referrer and referrer_uri parameters are made to trick a user to visit a malicious webpage. …
|
CWE-601
Open Redirect
|
CVE-2024-7260
|
2024-10-1 23:15 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315356
|
8.8 |
HIGH
Network
|
advancedfilemanager
|
advanced_file_manager
|
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.8. This makes it possible for a…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8126
|
2024-10-1 23:14 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315357
|
5.4 |
MEDIUM
Network
|
alefypimentel
|
gf_custom_style
|
The GF Custom Style plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0 due to insufficient input sanitization and output …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9173
|
2024-10-1 23:12 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315358
|
5.4 |
MEDIUM
Network
|
codecabin
|
super_testimonials
|
The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘alignment’ parameter in all versions up to, and including, 3.0.0 due to insufficient input sanitizati…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9127
|
2024-10-1 23:09 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315359
|
5.4 |
MEDIUM
Network
|
kingblack
|
king_ie
|
The king_IE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9125
|
2024-10-1 23:00 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315360
|
5.4 |
MEDIUM
Network
|
mapplic
|
mapplic
|
The Mapplic Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output esc…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9117
|
2024-10-1 22:56 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
