The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the db parameter in all versions up to, and including, 5.7.23 due to insufficient escaping on the user supplied...
9.8 CVSS
9.7 AI Score
EPSS
genoverband.de Cross Site Scripting vulnerability OBB-3937041
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2 AI Score
U.S. Bans Kaspersky Software, Citing National Security Risks
The U.S. Department of Commerce's Bureau of Industry and Security (BIS) on Thursday announced a "first of its kind" ban that prohibits Kaspersky Lab's U.S. subsidiary from directly or indirectly offering its security software in the country. The blockade also extends to the cybersecurity company's....
6.9 AI Score
The Plus Addons for Elementor Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.5.4 via the 'magazine_style' parameter within the Dynamic Smart Showcase widget. This makes it possible for authenticated attackers, with Contributor-level.....
8.8 CVSS
8.9 AI Score
EPSS
The ConvertKit – Email Newsletter, Email Marketing, Subscribers and Landing Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tag_subscriber function in all versions up to, and including, 2.4.9. This makes it possible for...
5.3 CVSS
5.1 AI Score
EPSS
CVE-2024-3961 ConvertKit <= 2.4.9 - Missing Authorization
The ConvertKit – Email Newsletter, Email Marketing, Subscribers and Landing Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tag_subscriber function in all versions up to, and including, 2.4.9. This makes it possible for...
5.3 CVSS
EPSS
GHSA-7WW5-4WQC-M92C vulnerabilities
Vulnerabilities for packages: cert-manager, helm, kubevela, melange, zot, helm-push, flux-source-controller, up, gitness, tekton-pipelines, fuse-overlayfs-snapshotter, eksctl, kubescape, newrelic-infrastructure-agent, k3d, telegraf, skaffold, trivy, neuvector-agent, kots, flux-helm-controller,...
7.5 AI Score
CVE-2024-25620 vulnerabilities
Vulnerabilities for packages: cert-manager, helm-operator, kubescape, zarf, istio-operator, eksctl, cilium-cli, chartmuseum, trivy, k8sgpt, kots, up, zot, helm-push, flux-source-controller, k9s,...
6.4 CVSS
6.7 AI Score
0.0004 EPSS
GHSA-RHH4-RH7C-7R5V vulnerabilities
Vulnerabilities for packages: datadog-agent, zarf, wolfictl, nuclei, kubescape,...
7.5 AI Score
CVE-2024-21506 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server, datadog-agent,...
6.7 AI Score
0.0004 EPSS
CVE-2024-36129 vulnerabilities
Vulnerabilities for packages: tempo, opentelemetry-collector-contrib, datadog-agent,...
8.2 CVSS
8 AI Score
0.001 EPSS
GHSA-4265-CCF5-PHJ5 vulnerabilities
Vulnerabilities for packages: neo4j, gradle, wavefront-proxy, opensearch, dependency-track, jenkins, spdx-tools-java,...
7.5 AI Score