|
196281
|
6.1 |
MEDIUM
Network
|
boostifythemes
|
goto
|
The Goto WordPress theme before 2.0 does not sanitise the keywords and start_date GET parameter on its Tour List page, leading to an unauthenticated reflected Cross-Site Scripting issue.
|
-
|
CVE-2021-24235
|
2024-11-21 14:52 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196282
|
6.1 |
MEDIUM
Network
|
ivorysearch
|
ivory_search
|
The Search Forms page of the Ivory Search WordPress lugin before 4.6.1 did not properly sanitise the tab parameter before output it in the page, leading to a reflected Cross-Site Scripting issue when…
|
-
|
CVE-2021-24234
|
2024-11-21 14:52 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196283
|
6.1 |
MEDIUM
Network
|
boxystudio
|
cooked
|
The Cooked Pro WordPress plugin before 1.7.5.6 was affected by unauthenticated reflected Cross-Site Scripting issues, due to improper sanitisation of user input while being output back in pages as an…
|
-
|
CVE-2021-24233
|
2024-11-21 14:52 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196284
|
5.4 |
MEDIUM
Network
|
elbtide
|
advanced_booking_calendar
|
The Advanced Booking Calendar WordPress plugin before 1.6.8 does not sanitise the license error message when output in the settings page, leading to an authenticated reflected Cross-Site Scripting is…
|
-
|
CVE-2021-24232
|
2024-11-21 14:52 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196285
|
7.8 |
HIGH
Local
|
mcafee
|
data_loss_prevention_endpoint
|
Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel address…
|
NVD-CWE-noinfo
|
CVE-2021-23887
|
2024-11-21 14:52 |
2021-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196286
|
5.5 |
MEDIUM
Local
|
mcafee
|
data_loss_prevention_endpoint
|
Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to cause a BSoD through suspending a process, modi…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2021-23886
|
2024-11-21 14:52 |
2021-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196287
|
4.3 |
MEDIUM
Adjacent
|
mcafee
|
content_security_reporter
|
Cleartext Transmission of Sensitive Information vulnerability in the ePO Extension of McAfee Content Security Reporter (CSR) prior to 2.8.0 allows an ePO administrator to view the unencrypted passwor…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2021-23884
|
2024-11-21 14:52 |
2021-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196288
|
9.8 |
CRITICAL
Network
|
facebook
|
thrift
|
An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior…
|
CWE-763
Release of Invalid Pointer or Reference
|
CVE-2021-24028
|
2024-11-21 14:52 |
2021-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196289
|
6.5 |
MEDIUM
Network
|
fortinet
|
fortiadc
fortiadc_manager
|
A clear text storage of sensitive information into log file vulnerability in FortiADCManager 5.3.0 and below, 5.2.1 and below and FortiADC 5.3.7 and below may allow a remote authenticated attacker to…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-24024
|
2024-11-21 14:52 |
2021-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196290
|
6.5 |
MEDIUM
Network
|
patreon
|
patreon_wordpress
|
The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged administrator disconnect the site from Pa…
|
-
|
CVE-2021-24231
|
2024-11-21 14:52 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
