|
317081
|
4.3 |
MEDIUM
Network
|
umbraco
|
umbraco_cms
|
Umbraco CMS is an ASP.NET CMS. An authenticated user can access a few unintended endpoints. This issue is fixed in 14.1.2.
|
NVD-CWE-Other
|
CVE-2024-43377
|
2024-08-27 03:26 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317082
|
5.3 |
MEDIUM
Network
|
umbraco
|
umbraco_cms
|
Umbraco is an ASP.NET CMS. Some endpoints in the Management API can return stack trace information, even when Umbraco is not in debug mode. This vulnerability is fixed in 14.1.2.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2024-43376
|
2024-08-27 03:24 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317083
|
7.5 |
HIGH
Network
|
apolloconfig
|
apollo
|
An issue in apollocongif apollo v.2.2.0 allows a remote attacker to obtain sensitive information via a crafted request.
|
NVD-CWE-noinfo
|
CVE-2024-42662
|
2024-08-27 03:22 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317084
|
6.5 |
MEDIUM
Network
|
bitapps
|
contact_form_builder
|
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file deletion due to insuff…
|
CWE-22
Path Traversal
|
CVE-2024-7782
|
2024-08-27 03:21 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317085
|
9.0 |
CRITICAL
Network
|
bitapps
|
contact_form_builder
|
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file read and deletion due …
|
CWE-22
Path Traversal
|
CVE-2024-7777
|
2024-08-27 03:19 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317086
|
7.2 |
HIGH
Network
|
bitapps
|
contact_form_builder
|
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to generic SQL Injection via the id para…
|
CWE-89
SQL Injection
|
CVE-2024-7780
|
2024-08-27 03:19 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317087
|
4.8 |
MEDIUM
Network
|
bitapps
|
contact_form_builder
|
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary JavaScript file uploads due…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7775
|
2024-08-27 03:18 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317088
|
7.2 |
HIGH
Network
|
bitapps
|
contact_form_builder
|
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to generic SQL Injection via the entryID…
|
CWE-89
SQL Injection
|
CVE-2024-7702
|
2024-08-27 03:15 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317089
|
5.4 |
MEDIUM
Network
|
givewp
|
givewp
|
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized access and deletion of data due to a missing capability check on the 'handle_request' function…
|
CWE-862
Missing Authorization
|
CVE-2024-5941
|
2024-08-27 03:14 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317090
|
5.3 |
MEDIUM
Network
|
givewp
|
givewp
|
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handle_request' function in all…
|
CWE-862
Missing Authorization
|
CVE-2024-5940
|
2024-08-27 03:14 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
