CVE-2024-30484 WordPress RT Easy Builder plugin <= 2.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in RT Easy Builder – Advanced addons for Elementor.This issue affects RT Easy Builder – Advanced addons for Elementor: from n/a through...
4.3CVSS
4.7AI Score
0.001EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in visualcomposer.Com Visual Composer Website Builder allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a through...
6.5CVSS
7AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in visualcomposer.Com Visual Composer Website Builder allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a through...
5.4CVSS
6.4AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brave Brave Popup Builder allows Stored XSS.This issue affects Brave Popup Builder: from n/a through...
5.9CVSS
5.3AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brave Brave Popup Builder allows Stored XSS.This issue affects Brave Popup Builder: from n/a through...
4.8CVSS
5.7AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in visualcomposer.Com Visual Composer Website Builder allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a through...
6.5CVSS
6.8AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in visualcomposer.Com Visual Composer Website Builder allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a through...
6.5CVSS
5.8AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brave Brave Popup Builder allows Stored XSS.This issue affects Brave Popup Builder: from n/a through...
5.9CVSS
6.8AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brave Brave Popup Builder allows Stored XSS.This issue affects Brave Popup Builder: from n/a through...
5.9CVSS
5.3AI Score
0.0004EPSS
Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through...
10CVSS
9.6AI Score
0.001EPSS
Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through...
10CVSS
7.2AI Score
0.001EPSS
Authentication Bypass by Spoofing vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through...
5.3CVSS
7.2AI Score
0.0004EPSS
Improper Control of Interaction Frequency vulnerability in Metagauss RegistrationMagic allows Functionality Misuse.This issue affects RegistrationMagic: from n/a through...
5.3CVSS
7.1AI Score
0.0004EPSS
Authentication Bypass by Spoofing vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through...
5.3CVSS
5.3AI Score
0.0004EPSS
Improper Control of Interaction Frequency vulnerability in Metagauss RegistrationMagic allows Functionality Misuse.This issue affects RegistrationMagic: from n/a through...
5.3CVSS
5.3AI Score
0.0004EPSS
Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through...
10CVSS
7AI Score
0.001EPSS
Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through...
10CVSS
9.5AI Score
0.001EPSS
Improper Control of Interaction Frequency vulnerability in Metagauss RegistrationMagic allows Functionality Misuse.This issue affects RegistrationMagic: from n/a through...
5.3CVSS
6.9AI Score
0.0004EPSS
Improper Control of Interaction Frequency vulnerability in Metagauss RegistrationMagic allows Functionality Misuse.This issue affects RegistrationMagic: from n/a through...
5.3CVSS
5.3AI Score
0.0004EPSS
CVE-2023-51543 WordPress RegistrationMagic plugin <= 5.2.5.0 - IP Limit Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through...
5.3CVSS
5.3AI Score
0.0004EPSS
CVE-2023-51543 WordPress RegistrationMagic plugin <= 5.2.5.0 - IP Limit Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through...
5.3CVSS
7AI Score
0.0004EPSS
Improper Restriction of Excessive Authentication Attempts vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Functionality Bypass.This issue affects Form Maker by 10Web: from n/a through...
5.3CVSS
5.4AI Score
0.0004EPSS
Improper Restriction of Excessive Authentication Attempts vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Functionality Bypass.This issue affects Form Maker by 10Web: from n/a through...
5.3CVSS
7.2AI Score
0.0004EPSS
Improper Restriction of Excessive Authentication Attempts vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Functionality Bypass.This issue affects Form Maker by 10Web: from n/a through...
5.3CVSS
7AI Score
0.0004EPSS
Improper Restriction of Excessive Authentication Attempts vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Functionality Bypass.This issue affects Form Maker by 10Web: from n/a through...
5.3CVSS
5.4AI Score
0.0004EPSS
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in ARI Soft ARI Stream Quiz allows Code Injection.This issue affects ARI Stream Quiz: from n/a through...
5.4CVSS
5.6AI Score
0.0004EPSS
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in ARI Soft ARI Stream Quiz allows Code Injection.This issue affects ARI Stream Quiz: from n/a through...
5.4CVSS
7.1AI Score
0.0004EPSS
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in ARI Soft ARI Stream Quiz allows Code Injection.This issue affects ARI Stream Quiz: from n/a through...
5.4CVSS
5.6AI Score
0.0004EPSS
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in ARI Soft ARI Stream Quiz allows Code Injection.This issue affects ARI Stream Quiz: from n/a through...
5.4CVSS
6.9AI Score
0.0004EPSS
The WPUpper Share Buttons plugin for WordPress is vulnerable to unauthorized access of data when preparing sharing links for posts and pages in all versions up to, and including, 3.43. This makes it possible for unauthenticated attackers to obtain the contents of password protected posts and...
5.3CVSS
5.2AI Score
0.0005EPSS
The WPUpper Share Buttons plugin for WordPress is vulnerable to unauthorized access of data when preparing sharing links for posts and pages in all versions up to, and including, 3.43. This makes it possible for unauthenticated attackers to obtain the contents of password protected posts and...
5.3CVSS
7.1AI Score
0.0005EPSS
CVE-2024-4997 WPUpper Share Buttons <= 3.43 - Missing Authorization
The WPUpper Share Buttons plugin for WordPress is vulnerable to unauthorized access of data when preparing sharing links for posts and pages in all versions up to, and including, 3.43. This makes it possible for unauthenticated attackers to obtain the contents of password protected posts and...
5.3CVSS
6.9AI Score
0.0005EPSS
CVE-2024-4997 WPUpper Share Buttons <= 3.43 - Missing Authorization
The WPUpper Share Buttons plugin for WordPress is vulnerable to unauthorized access of data when preparing sharing links for posts and pages in all versions up to, and including, 3.43. This makes it possible for unauthenticated attackers to obtain the contents of password protected posts and...
5.3CVSS
5.2AI Score
0.0005EPSS
Description The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘size’ parameter in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
6.4CVSS
5.8AI Score
0.001EPSS
Description The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's contact form widget error message and redirect URL in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping on user supplied error.....
6.4CVSS
5.7AI Score
0.0004EPSS
Description The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Link To' field of multiple widgets in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
7.4CVSS
5.8AI Score
0.001EPSS
Brizy – Page Builder < 2.4.42 - Authenticated(Contributor+) Stored Cross-Site Scripting
Description The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post content in all versions up to, and including, 2.4.41 due to insufficient input sanitization performed only on the client side and insufficient output escaping. This makes it possible for....
7.1CVSS
5.7AI Score
0.0004EPSS
Description The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Custom Attributes for blocks in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
6.4CVSS
5.7AI Score
0.0004EPSS
Brizy – Page Builder < 2.4.44 - Unauthenticated Stored Cross-Site Scripting via Form
Description The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form name values in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
7.2CVSS
6AI Score
0.001EPSS
apko is an apk-based OCI image builder. apko exposures HTTP basic auth credentials from repository and keyring URLs in log output. This vulnerability is fixed in...
7.5CVSS
7AI Score
0.0004EPSS
apko is an apk-based OCI image builder. apko exposures HTTP basic auth credentials from repository and keyring URLs in log output. This vulnerability is fixed in...
7.5CVSS
6.4AI Score
0.0004EPSS
apko is an apk-based OCI image builder. apko exposures HTTP basic auth credentials from repository and keyring URLs in log output. This vulnerability is fixed in...
7.5CVSS
7.5AI Score
0.0004EPSS
CVE-2024-36127 apko Exposure of HTTP basic auth credentials in log output
apko is an apk-based OCI image builder. apko exposures HTTP basic auth credentials from repository and keyring URLs in log output. This vulnerability is fixed in...
7.5CVSS
7.4AI Score
0.0004EPSS
The Active Admin (aka activeadmin) framework before 3.2.2 for Ruby on Rails allows stored XSS in certain situations where users can create entities (to be later edited in forms) with arbitrary names, aka a "dynamic form legends" issue. 4.0.0.beta7 is also a fixed...
5.7AI Score
EPSS
EulerOS 2.0 SP11 : docker-engine (EulerOS-SA-2024-1785)
According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache...
7.8CVSS
7.8AI Score
0.024EPSS
7.8CVSS
6.6AI Score
0.001EPSS
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1797)
The remote host is missing an update for the Huawei...
7.8CVSS
7AI Score
0.024EPSS
EulerOS 2.0 SP11 : docker-engine (EulerOS-SA-2024-1797)
According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache...
7.8CVSS
7.7AI Score
0.024EPSS
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1785)
The remote host is missing an update for the Huawei...
7.8CVSS
7AI Score
0.024EPSS
RHEL 9 : libreoffice (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libreoffice: Array index underflow in Calc formula parsing (CVE-2023-0950) Apache OpenOffice versions...
7.8CVSS
8.8AI Score
0.001EPSS