101
|
- |
-
|
-
|
-
|
Missing Authorization vulnerability in Sparkle WP Editorialmag editorialmag.This issue affects Editorialmag: from n/a through 1.1.9.
New
|
CWE-862
認証の欠如
|
CVE-2023-32129
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
102
|
- |
-
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in artbees JupiterX allows PHP Local File Inclusion.This issue affects JupiterX: from n/a through 3.0.0.
New
|
CWE-22
パス・トラバーサル
|
CVE-2023-32110
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
103
|
- |
-
|
-
|
-
|
Improper Privilege Management vulnerability in Favethemes Houzez allows Privilege Escalation.This issue affects Houzez: from n/a through 2.7.1.
New
|
CWE-269
不適切な権限管理
|
CVE-2023-26540
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
104
|
- |
-
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Nota-Info Bookly allows Path Traversal, Manipulating Web Input to File System Calls.This issue affects …
New
|
CWE-22
パス・トラバーサル
|
CVE-2023-26526
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
105
|
- |
-
|
-
|
-
|
Improper Privilege Management vulnerability in favethemes Houzez Login Register allows Privilege Escalation.This issue affects Houzez Login Register: from n/a through 2.6.3.
New
|
CWE-269
不適切な権限管理
|
CVE-2023-26009
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
106
|
- |
-
|
-
|
-
|
Improper Privilege Management vulnerability in WhatArmy WatchTowerHQ allows Privilege Escalation.This issue affects WatchTowerHQ: from n/a through 3.6.16.
New
|
CWE-269
不適切な権限管理
|
CVE-2023-25701
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
107
|
- |
-
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Using Malicious Files.This issue affects JS Help Desk – Best Help D…
New
|
CWE-434
危険なタイプのファイルの無制限アップロード
|
CVE-2023-25444
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
108
|
- |
-
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Vova Anokhin Shortcodes Ultimate allows Absolute Path Traversal.This issue affects Shortcodes Ultimate:…
New
|
CWE-22
パス・トラバーサル
|
CVE-2023-25050
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
109
|
- |
-
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Web-Settler Landing Page Builder – Free Landing Page Templates allows Path Traversal.This issue affects…
New
|
CWE-22
パス・トラバーサル
|
CVE-2023-24379
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
110
|
- |
-
|
-
|
-
|
Improper Privilege Management vulnerability in Qube One Ltd. Redirection for Contact Form 7 wpcf7-redirect allows Privilege Escalation.This issue affects Redirection for Contact Form 7: from n/a thro…
New
|
CWE-269
不適切な権限管理
|
CVE-2023-23990
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
111
|
- |
-
|
-
|
-
|
Missing Authorization vulnerability in Joseph C Dolson My Tickets.This issue affects My Tickets: from n/a through 1.9.11.
New
|
CWE-862
認証の欠如
|
CVE-2023-23988
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
112
|
- |
-
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Rank Math Rank Math SEO allows Path Traversal.This issue affects Rank Math SEO: from n/a through 1.0.10…
New
|
CWE-22
パス・トラバーサル
|
CVE-2023-23888
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
113
|
- |
-
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in German Mesky GMAce allows Path Traversal.This issue affects GMAce: from n/a through 1.5.2.
New
|
CWE-22
パス・トラバーサル
|
CVE-2023-23872
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
114
|
- |
-
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OceanWP allows PHP Local File Inclusion.This issue affects OceanWP: from n/a through 3.4.1.
New
|
-
|
CVE-2023-23700
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
115
|
- |
-
|
-
|
-
|
Improper Control of Generation of Code ('Code Injection') vulnerability in MainWP MainWP Code Snippets Extension allows Code Injection.This issue affects MainWP Code Snippets Extension: from n/a thro…
New
|
CWE-94
コード・インジェクション
|
CVE-2023-23645
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
116
|
- |
-
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in YARPP allows PHP Local File Inclusion.This issue affects YARPP: from n/a through 5.30.4.
New
|
CWE-22
パス・トラバーサル
|
CVE-2022-45374
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
117
|
- |
-
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Lenderd 1003 Mortgage Application allows Relative Path Traversal.This issue affects 1003 Mortgage Appli…
New
|
CWE-22
パス・トラバーサル
|
CVE-2022-45368
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
118
|
- |
-
|
-
|
-
|
Missing Authorization vulnerability in FmeAddons Conditional Checkout Fields for WooCommerce.This issue affects Conditional Checkout Fields for WooCommerce: from n/a through 1.2.3.
New
|
CWE-862
認証の欠如
|
CVE-2022-45070
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
119
|
- |
-
|
-
|
-
|
Insecure Storage of Sensitive Information vulnerability in WPMU DEV Defender Security allows : Screen Temporary Files for Sensitive Information.This issue affects Defender Security: from n/a through …
New
|
CWE-922
重要な情報のセキュアでない格納
|
CVE-2022-44581
|
2024-05-17 16:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
120
|
- |
-
|
-
|
-
|
Improper Privilege Management vulnerability in Teplitsa of social technologies Leyka allows Privilege Escalation.This issue affects Leyka: from n/a through 3.30.2.
New
|
CWE-269
不適切な権限管理
|
CVE-2023-33327
|
2024-05-17 16:15 |
2024-05-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
121
|
- |
-
|
-
|
-
|
Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue affects Advance WordPress Search Plugin: from n/a through 1.1.4.
Update
|
CWE-862
認証の欠如
|
CVE-2022-40218
|
2024-05-17 16:15 |
2024-05-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
122
|
- |
-
|
-
|
-
|
The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor to perform Stored Cross-Site Scripting attacks …
New
|
-
|
CVE-2024-3580
|
2024-05-17 15:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
123
|
- |
-
|
-
|
-
|
The Popup4Phone WordPress plugin through 1.3.2 does not sanitise and escape some parameters, which could allow unauthenticated users to perform Cross-Site Scripting attacks against admins.
New
|
-
|
CVE-2024-3231
|
2024-05-17 15:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
124
|
- |
-
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Visualmodo Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg…
New
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2024-34757
|
2024-05-17 15:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
125
|
- |
-
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PluginOps Landing Page Builder allows Reflected XSS.This issue affects Landing Page Builde…
New
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2024-34752
|
2024-05-17 15:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
126
|
- |
-
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in deTheme DethemeKit For Elementor allows Stored XSS.This issue affects DethemeKit For Eleme…
New
|
-
|
CVE-2024-34575
|
2024-05-17 15:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
127
|
- |
-
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in GhozyLab, Inc. Popup Builder allows Stored XSS.This issue affects Popup Builder: from n/a …
New
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2024-34567
|
2024-05-17 15:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
128
|
- |
-
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Felix Moira Popup More Popups allows Stored XSS.This issue affects Popup More Popups: from…
New
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2024-32800
|
2024-05-17 15:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
129
|
- |
-
|
-
|
-
|
The NextGEN Gallery WordPress plugin before 3.59.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks eve…
New
|
-
|
CVE-2024-2744
|
2024-05-17 15:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
130
|
- |
-
|
-
|
-
|
The socialdriver-framework WordPress plugin before 2024.0.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role …
New
|
-
|
CVE-2024-2697
|
2024-05-17 15:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
131
|
9.8 |
CRITICAL
ネットワーク
-
|
-
|
The Penci Soledad Data Migrator plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.0 via the 'data' parameter. This makes it possible for unauthentic…
New
|
-
|
CVE-2024-3551
|
2024-05-17 12:15 |
2024-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
132
|
- |
-
|
-
|
-
|
A vulnerability, which was classified as problematic, has been found in code-projects Simple Chat System 1.0. This issue affects some unknown processing of the component Message Handler. The manipula…
New
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2024-4975
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
133
|
- |
-
|
-
|
-
|
A vulnerability, which was classified as problematic, was found in code-projects Simple Chat System 1.0. Affected is an unknown function of the file /register.php. The manipulation of the argument na…
New
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2024-4974
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
134
|
- |
-
|
-
|
-
|
A vulnerability classified as critical was found in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file /register.php. The manipulation of the argument name/numb…
New
|
-
|
CVE-2024-4973
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
135
|
- |
-
|
-
|
-
|
A vulnerability classified as critical has been found in code-projects Simple Chat System 1.0. This affects an unknown part of the file /login.php. The manipulation of the argument email/password lea…
New
|
CWE-89
SQLインジェクション
|
CVE-2024-4972
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
136
|
- |
-
|
-
|
-
|
A vulnerability was found in SourceCodester Interactive Map with Marker 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file Marker Name of the comp…
New
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2024-4968
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
137
|
- |
-
|
-
|
-
|
A vulnerability was found in SourceCodester Interactive Map with Marker 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /endpoint/delete-…
New
|
CWE-89
SQLインジェクション
|
CVE-2024-4967
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
138
|
- |
-
|
-
|
-
|
A vulnerability was found in SourceCodester SchoolWebTech 1.0. It has been classified as critical. Affected is an unknown function of the file /improve/home.php. The manipulation of the argument imag…
New
|
CWE-434
危険なタイプのファイルの無制限アップロード
|
CVE-2024-4966
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
139
|
- |
-
|
-
|
-
|
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000-40 V31R02B1413C and classified as critical. This issue affects some unknown processing of the file /useratte/resmanage.php…
New
|
CWE-78
OSコマンド・インジェクション
|
CVE-2024-4965
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
140
|
- |
-
|
-
|
-
|
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DAR-7000-40 V31R02B1413C and classified as critical. This vulnerability affects unknown code of the file /firewall/urlblist.ph…
New
|
CWE-434
危険なタイプのファイルの無制限アップロード
|
CVE-2024-4964
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
141
|
- |
-
|
-
|
-
|
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DAR-7000-40 V31R02B1413C. This affects an unknown part of the file /url/url.php. The manipulatio…
New
|
CWE-434
危険なタイプのファイルの無制限アップロード
|
CVE-2024-4963
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
142
|
- |
-
|
-
|
-
|
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-7000-40 V31R02B1413C. Affected by this issue is some unknown functionality of the file …
New
|
-
|
CVE-2024-4962
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
143
|
- |
-
|
-
|
-
|
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in D-Link DAR-7000-40 V31R02B1413C. Affected by this vulnerability is an unknown functionality of the file /user/onlin…
New
|
CWE-434
危険なタイプのファイルの無制限アップロード
|
CVE-2024-4961
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
144
|
- |
-
|
-
|
-
|
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in D-Link DAR-7000-40 V31R02B1413C. Affected is an unknown function of the file interface/sysmanage/licenseauthor…
New
|
CWE-434
危険なタイプのファイルの無制限アップロード
|
CVE-2024-4960
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
145
|
- |
-
|
-
|
-
|
A vulnerability was found in SourceCodester Online Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin/ad…
New
|
CWE-434
危険なタイプのファイルの無制限アップロード
|
CVE-2024-4946
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
146
|
- |
-
|
-
|
-
|
A vulnerability was found in SourceCodester Best Courier Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file view_parcel.php. The manipulation of…
New
|
CWE-434
危険なタイプのファイルの無制限アップロード
|
CVE-2024-4945
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
147
|
- |
-
|
-
|
-
|
A vulnerability has been found in SourceCodester Simple Online Bidding System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /simple-online-bid…
New
|
CWE-89
SQLインジェクション
|
CVE-2024-4933
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
148
|
- |
-
|
-
|
-
|
A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Bidding System 1.0. Affected is an unknown function of the file /simple-online-bidding-system/admin/index.…
New
|
CWE-89
SQLインジェクション
|
CVE-2024-4932
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
149
|
- |
-
|
-
|
-
|
A vulnerability, which was classified as critical, has been found in SourceCodester Simple Online Bidding System 1.0. This issue affects some unknown processing of the file /simple-online-bidding-sys…
New
|
CWE-89
SQLインジェクション
|
CVE-2024-4931
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
150
|
- |
-
|
-
|
-
|
A vulnerability classified as critical was found in SourceCodester Simple Online Bidding System 1.0. This vulnerability affects unknown code of the file /simple-online-bidding-system/index.php?page=v…
New
|
CWE-89
SQLインジェクション
|
CVE-2024-4930
|
2024-05-17 11:40 |
2024-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|