|
197911
|
4.3 |
MEDIUM
Adjacent
|
mcafee
|
content_security_reporter
|
Cleartext Transmission of Sensitive Information vulnerability in the ePO Extension of McAfee Content Security Reporter (CSR) prior to 2.8.0 allows an ePO administrator to view the unencrypted passwor…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2021-23884
|
2024-11-21 14:52 |
2021-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197912
|
9.8 |
CRITICAL
Network
|
facebook
|
thrift
|
An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior…
|
CWE-763
Release of Invalid Pointer or Reference
|
CVE-2021-24028
|
2024-11-21 14:52 |
2021-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197913
|
6.5 |
MEDIUM
Network
|
fortinet
|
fortiadc
fortiadc_manager
|
A clear text storage of sensitive information into log file vulnerability in FortiADCManager 5.3.0 and below, 5.2.1 and below and FortiADC 5.3.7 and below may allow a remote authenticated attacker to…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2021-24024
|
2024-11-21 14:52 |
2021-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197914
|
6.5 |
MEDIUM
Network
|
patreon
|
patreon_wordpress
|
The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged administrator disconnect the site from Pa…
|
-
|
CVE-2021-24231
|
2024-11-21 14:52 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197915
|
8.1 |
HIGH
Network
|
patreon
|
patreon_wordpress
|
The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged in user overwrite or create arbitrary use…
|
CWE-352
Origin Validation Error
|
CVE-2021-24230
|
2024-11-21 14:52 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197916
|
9.6 |
CRITICAL
Network
|
patreon
|
patreon_wordpress
|
The Jetpack Scan team identified a Reflected Cross-Site Scripting via the patreon_save_attachment_patreon_level AJAX action of the Patreon WordPress plugin before 1.7.2. This AJAX hook is used to upd…
|
-
|
CVE-2021-24229
|
2024-11-21 14:52 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197917
|
9.6 |
CRITICAL
Network
|
patreon
|
patreon_wordpress
|
The Jetpack Scan team identified a Reflected Cross-Site Scripting in the Login Form of the Patreon WordPress plugin before 1.7.2. The WordPress login form (wp-login.php) is hooked by the plugin and o…
|
-
|
CVE-2021-24228
|
2024-11-21 14:52 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197918
|
7.5 |
HIGH
Network
|
patreon
|
patreon_wordpress
|
The Jetpack Scan team identified a Local File Disclosure vulnerability in the Patreon WordPress plugin before 1.7.0 that could be abused by anyone visiting the site. Using this attack vector, an atta…
|
CWE-200
Information Exposure
|
CVE-2021-24227
|
2024-11-21 14:52 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197919
|
7.5 |
HIGH
Network
|
accessally
|
accessally
|
In the AccessAlly WordPress plugin before 3.5.7, the file "resource/frontend/product/product-shortcode.php" responsible for the [accessally_order_form] shortcode is dumping serialize($_SERVER), which…
|
-
|
CVE-2021-24226
|
2024-11-21 14:52 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197920
|
5.4 |
MEDIUM
Network
|
elbtide
|
advanced_booking_calendar
|
The Advanced Booking Calendar WordPress plugin before 1.6.7 did not sanitise the calId GET parameter in the "Seasons & Calendars" page before outputing it in an A tag, leading to a reflected XSS issue
|
-
|
CVE-2021-24225
|
2024-11-21 14:52 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
