|
195611
|
8.1 |
HIGH
Network
|
tms-outsource
|
wpdatatables
|
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can ta…
|
NVD-CWE-Other
|
CVE-2021-24198
|
2024-11-21 14:52 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195612
|
8.1 |
HIGH
Network
|
tms-outsource
|
wpdatatables
|
The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can ta…
|
NVD-CWE-Other
|
CVE-2021-24197
|
2024-11-21 14:52 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195613
|
7.5 |
HIGH
Network
|
whatsapp
|
whatsapp_business
whatsapp
|
A cache configuration issue prior to WhatsApp for Android v2.21.4.18 and WhatsApp Business for Android v2.21.4.18 may have allowed a third party with access to the device’s external storage to read c…
|
NVD-CWE-noinfo
|
CVE-2021-24027
|
2024-11-21 14:52 |
2021-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195614
|
9.8 |
CRITICAL
Network
|
whatsapp
|
whatsapp
whatsapp_business
|
A missing bounds check within the audio decoding pipeline for WhatsApp calls in WhatsApp for Android prior to v2.21.3, WhatsApp Business for Android prior to v2.21.3, WhatsApp for iOS prior to v2.21.…
|
CWE-787
Out-of-bounds Write
|
CVE-2021-24026
|
2024-11-21 14:52 |
2021-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195615
|
9.8 |
CRITICAL
Network
|
woocommerce
|
help_scout
|
The WooCommerce Help Scout WordPress plugin before 2.9.1 (https://woocommerce.com/products/woocommerce-help-scout/) allows unauthenticated users to upload any files to the site which by default will …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2021-24212
|
2024-11-21 14:52 |
2021-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195616
|
5.4 |
MEDIUM
Network
|
wphive
|
wordpress_related_posts
|
The WordPress Related Posts plugin through 3.6.4 contains an authenticated (admin+) stored XSS vulnerability in the title field on the settings page. By exploiting that an attacker will be able to ex…
|
CWE-79
Cross-site Scripting
|
CVE-2021-24211
|
2024-11-21 14:52 |
2021-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195617
|
6.1 |
MEDIUM
Network
|
kiboit
|
phastpress
|
There is an open redirect in the PhastPress WordPress plugin before 1.111 that allows an attacker to malform a request to a page with the plugin and then redirect the victim to a malicious page. Ther…
|
CWE-601
Open Redirect
|
CVE-2021-24210
|
2024-11-21 14:52 |
2021-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195618
|
7.2 |
HIGH
Network
|
automattic
|
wp_super_cache
|
The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated (admin+) RCE in the settings page due to input validation failure and weak $cache_path check in the WP Super Cache Se…
|
CWE-94
Code Injection
|
CVE-2021-24209
|
2024-11-21 14:52 |
2021-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195619
|
5.4 |
MEDIUM
Network
|
themeum
|
wp_page_builder
|
The editor of the WP Page Builder WordPress plugin before 1.2.4 allows lower-privileged users to insert unfiltered HTML, including JavaScript, into pages via the “Raw HTML” widget and the “Custom HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2021-24208
|
2024-11-21 14:52 |
2021-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195620
|
4.3 |
MEDIUM
Network
|
themeum
|
wp_page_builder
|
By default, the WP Page Builder WordPress plugin before 1.2.4 allows subscriber-level users to edit and make changes to any and all posts pages - user roles must be specifically blocked from editing …
|
CWE-269
Improper Privilege Management
|
CVE-2021-24207
|
2024-11-21 14:52 |
2021-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
