|
311311
|
7.3 |
HIGH
Network
|
-
|
-
|
The ARI-Adminer plugin for WordPress is vulnerable to authorization bypass due to a lack of file access controls in nearly every file of the plugin in versions up to, and including, 1.1.14. This make…
|
CWE-862
Missing Authorization
|
CVE-2019-25215
|
2024-10-16 16:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311312
|
7.2 |
HIGH
Network
|
-
|
-
|
The ShopWP plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several REST API routes in versions up to, and including, 2.0.4. This makes it possible for …
|
CWE-862
Missing Authorization
|
CVE-2019-25214
|
2024-10-16 16:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311313
|
8.3 |
HIGH
Network
|
-
|
-
|
The Formidable Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters submitted during form entries like 'after_html' in versions before 2.05.03 due to…
|
CWE-79
Cross-site Scripting
|
CVE-2017-20192
|
2024-10-16 16:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311314
|
7.2 |
HIGH
Network
|
-
|
-
|
The MainWP Dashboard – The Private WordPress Manager for Multiple Website Maintenance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mwp_setup_purchase_username’ parameter…
|
-
|
CVE-2016-15041
|
2024-10-16 16:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311315
|
- |
|
-
|
-
|
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kento_pvc_geo' parameter in versions up to, and including, 2.8 due to insufficient escaping on the user suppli…
|
CWE-89
SQL Injection
|
CVE-2016-15040
|
2024-10-16 16:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311316
|
8.3 |
HIGH
Network
|
-
|
-
|
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery in versions up to, and including 6.1, 1.0 respectively. This makes it possible for attackers to forger…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2012-10018
|
2024-10-16 16:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311317
|
- |
|
-
|
-
|
The Community by PeepSo – Social Network, Membership, Registration, User Profiles, Premium – Mobile App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via URLs in posts, comments, …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9873
|
2024-10-16 15:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311318
|
7.7 |
HIGH
Network
|
podman_project
redhat
fedoraproject
|
podman
enterprise_linux
openshift_container_platform
fedora
|
A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-3056
|
2024-10-16 14:15 |
2024-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311319
|
- |
|
-
|
-
|
Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead to the launch of any unexported component.
|
-
|
CVE-2024-10018
|
2024-10-16 12:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311320
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Multiline files upload for contact form 7 plugin for WordPress is vulnerable to unauthorized plugin deactivation due to a missing capability check on the mfcf7_zl_custom_handle_deactivation_plugi…
|
CWE-862
Missing Authorization
|
CVE-2024-9891
|
2024-10-16 11:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
