|
311891
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Slickstream: Engagement and Conversions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slick-grid shortcode in all versions up to, and including, 1.4.4 due to …
|
-
|
CVE-2024-10179
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311892
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The xili-tidy-tags plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'action' parameter in all versions up to, and including, 1.12.04 due to insufficient input sanitization…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9357
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311893
|
- |
|
-
|
-
|
Exposure of sensitive system information to an unauthorized control sphere issue exists in Mesh Wi-Fi router RP562B firmware version v1.0.2 and earlier. If this vulnerability is exploited, a network-…
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2024-47799
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311894
|
- |
|
-
|
-
|
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in Mesh Wi-Fi router RP562B firmware version v1.0.2 and earlier. If this vulnerability is explo…
|
CWE-78
OS Command
|
CVE-2024-45827
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311895
|
- |
|
-
|
-
|
Active debug code vulnerability exists in Mesh Wi-Fi router RP562B firmware version v1.0.2 and earlier. If this vulnerability is exploited, a network-adjacent authenticated attacker may obtain or alt…
|
CWE-489
Exposure of Data Element to Wrong Session
|
CVE-2024-29075
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311896
|
5.4 |
MEDIUM
Network
|
-
|
-
|
The Admin and Site Enhancements (ASE) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 7.5.1 due to insufficient input sani…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10790
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311897
|
- |
|
-
|
-
|
Improper handling of canonical URL-encoding may lead to bypass not properly constrained by request rules.
|
-
|
CVE-2024-23983
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311898
|
- |
|
-
|
-
|
GNOME libsoup before 3.6.1 has an infinite loop, and memory consumption. during the reading of certain patterns of WebSocket data from clients.
|
-
|
CVE-2024-52532
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311899
|
- |
|
-
|
-
|
GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. Input received over the network cannot trigger this.
|
-
|
CVE-2024-52531
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
311900
|
- |
|
-
|
-
|
GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treate…
|
-
|
CVE-2024-52530
|
2024-11-12 22:55 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
