WP Quick FrontEnd Editor – WordPress Plugin Security Vulnerabilities
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: flux-source-controller, kind, ip-masq-agent, spark-operator, nghttp2, dex, oauth2-proxy, kaf, atlantis, hey, flux-notification-controller, dotnet, istio-envoy, newrelic-infrastructure-agent, slsa-verifier, secrets-store-csi-driver-provider-gcp, bom, kubevela,...
8.7AI Score
0.72EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: flux-source-controller, ip-masq-agent, kubernetes-csi-external-provisioner, nri-kubernetes, certificate-transparency, prometheus-beat-exporter, spark-operator, kyverno-policy-reporter, dex, docker, aws-flb-kinesis, vexctl, grafana-operator, oauth2-proxy, kaf,...
7.5AI Score
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: telegraf, wolfictl, docker, trivy, nvidia-device-plugin, skopeo, datadog-agent, kubernetes, syft, runc, zarf, k9s, ctop, skaffold, newrelic-infrastructure-agent, buildkitd, kots, ingress-nginx-controller, zot, cadvisor, kubescape, k3d, k3s, kaniko, nerdctl,...
7.5AI Score
0.051EPSS
GHSA-VVPX-J8F3-3W6H vulnerabilities
Vulnerabilities for packages: grpcurl, falco, hey, k3d, restic, wireguard-go, go, dynamic-localpv-provisioner,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: kind, kube-rbac-proxy, ip-masq-agent, kubernetes-csi-external-provisioner, prometheus-beat-exporter, paranoia, nri-f5, oras, kyverno-policy-reporter, dex, spark-operator, aws-flb-kinesis, nri-mssql, grafana-operator, regclient, vexctl, kaf, kube-state-metrics,...
6.5AI Score
0.0004EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: flux-source-controller, ip-masq-agent, kubernetes-csi-external-provisioner, nri-kubernetes, certificate-transparency, prometheus-beat-exporter, spark-operator, kyverno-policy-reporter, dex, docker, aws-flb-kinesis, vexctl, grafana-operator, oauth2-proxy, kaf,...
6.7AI Score
0.0004EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: kind, kube-rbac-proxy, ip-masq-agent, kubernetes-csi-external-provisioner, prometheus-beat-exporter, paranoia, nri-f5, oras, kyverno-policy-reporter, dex, spark-operator, aws-flb-kinesis, nri-mssql, grafana-operator, regclient, vexctl, kaf, kube-state-metrics,...
6.5AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: kind, kube-rbac-proxy, ip-masq-agent, kubernetes-csi-external-provisioner, prometheus-beat-exporter, paranoia, nri-f5, oras, kyverno-policy-reporter, dex, spark-operator, aws-flb-kinesis, nri-mssql, grafana-operator, regclient, vexctl, kaf, kube-state-metrics,...
7.5AI Score
CVE-2022-41723 vulnerabilities
Vulnerabilities for packages: grpcurl, falco, hey, k3d, restic, wireguard-go, go, dynamic-localpv-provisioner,...
8.2AI Score
0.02EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: ip-masq-agent, dex, vexctl, aws-flb-kinesis, regclient, atlantis, kube-state-metrics, kubecolor, k9s, k8ssandra-operator, prometheus-mongodb-exporter, hcloud, slsa-verifier, istio-cni, trillian, gitlab-pages, ingress-nginx-controller, nri-nginx, conftest, gobump,...
7AI Score
0.0004EPSS
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: flux-source-controller, kind, ip-masq-agent, kubernetes-csi-external-provisioner, prometheus-beat-exporter, certificate-transparency, paranoia, oras, spark-operator, dex, grafana-operator, oauth2-proxy, regclient, kaf, atlantis, kafka_exporter, karpenter,...
6.5AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: flux-source-controller, kind, ip-masq-agent, kubernetes-csi-external-provisioner, prometheus-beat-exporter, certificate-transparency, paranoia, oras, spark-operator, dex, grafana-operator, oauth2-proxy, regclient, kaf, atlantis, kafka_exporter, karpenter,...
7.5AI Score
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: gitlab-logger, kind, sops, gosu, ip-masq-agent, nsc, render-template, oras, scorecard, dgraph, aws-flb-kinesis, aws-flb-cloudwatch, petname, go-md2man, gke-gcloud-auth-plugin, cortex, hey, falco, ctop, prometheus-stackdriver-exporter, aws-flb-firehose, cni-plugins,...
8.2AI Score
0.001EPSS
Vulnerabilities for packages: flux-source-controller, spark-operator, kubernetes-csi-external-provisioner, dex, oauth2-proxy, kaf, karpenter, kube-state-metrics, hey, flux-notification-controller, prometheus-mongodb-exporter, newrelic-infrastructure-agent, trillian, prometheus-postgres-exporter,...
6.5AI Score
0.001EPSS
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: kind, kube-rbac-proxy, ip-masq-agent, kubernetes-csi-external-provisioner, prometheus-beat-exporter, paranoia, nri-f5, oras, kyverno-policy-reporter, dex, spark-operator, aws-flb-kinesis, nri-mssql, grafana-operator, regclient, vexctl, kaf, kube-state-metrics,...
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: kind, kube-rbac-proxy, ip-masq-agent, kubernetes-csi-external-provisioner, prometheus-beat-exporter, paranoia, nri-f5, oras, kyverno-policy-reporter, dex, spark-operator, aws-flb-kinesis, nri-mssql, grafana-operator, regclient, vexctl, kaf, kube-state-metrics,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: kind, kube-rbac-proxy, ip-masq-agent, kubernetes-csi-external-provisioner, prometheus-beat-exporter, paranoia, nri-f5, oras, kyverno-policy-reporter, dex, spark-operator, aws-flb-kinesis, nri-mssql, grafana-operator, regclient, vexctl, kaf, kube-state-metrics,...
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: ip-masq-agent, dex, vexctl, aws-flb-kinesis, regclient, atlantis, kube-state-metrics, kubecolor, k9s, k8ssandra-operator, prometheus-mongodb-exporter, hcloud, slsa-verifier, istio-cni, trillian, gitlab-pages, ingress-nginx-controller, nri-nginx, conftest, gobump,...
7.5AI Score
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: flux-source-controller, kind, ip-masq-agent, kubernetes-csi-external-provisioner, prometheus-beat-exporter, certificate-transparency, paranoia, oras, spark-operator, dex, grafana-operator, oauth2-proxy, regclient, kaf, atlantis, kafka_exporter, karpenter,...
7.5AI Score
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: flux-source-controller, kind, spark-operator, kubernetes-csi-external-provisioner, dex, oauth2-proxy, kaf, atlantis, karpenter, kube-state-metrics, hey, flux-notification-controller, prometheus-mongodb-exporter, newrelic-infrastructure-agent, slsa-verifier, istio-cni,....
8.2AI Score
0.002EPSS
CVE-2023-39326 vulnerabilities
Vulnerabilities for packages: gitlab-logger, kind, sops, gosu, ip-masq-agent, nsc, render-template, oras, scorecard, dgraph, aws-flb-kinesis, aws-flb-cloudwatch, petname, go-md2man, gke-gcloud-auth-plugin, cortex, hey, falco, ctop, prometheus-stackdriver-exporter, aws-flb-firehose, cni-plugins,...
7.4AI Score
0.001EPSS
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: gitlab-logger, kind, sops, gosu, ip-masq-agent, nsc, render-template, oras, scorecard, dgraph, aws-flb-kinesis, aws-flb-cloudwatch, petname, go-md2man, gke-gcloud-auth-plugin, cortex, hey, falco, ctop, prometheus-stackdriver-exporter, aws-flb-firehose, cni-plugins,...
7.5AI Score
GHSA-9F76-WG39-X86H vulnerabilities
Vulnerabilities for packages: gitlab-logger, kind, sops, gosu, ip-masq-agent, nsc, render-template, oras, scorecard, dgraph, aws-flb-kinesis, aws-flb-cloudwatch, petname, go-md2man, gke-gcloud-auth-plugin, cortex, hey, falco, ctop, prometheus-stackdriver-exporter, aws-flb-firehose, cni-plugins,...
7.5AI Score
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: flux-source-controller, spark-operator, kubernetes-csi-external-provisioner, dex, oauth2-proxy, kaf, karpenter, kube-state-metrics, hey, flux-notification-controller, prometheus-mongodb-exporter, newrelic-infrastructure-agent, trillian, prometheus-postgres-exporter,...
7.5AI Score
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: flux-source-controller, kind, spark-operator, kubernetes-csi-external-provisioner, dex, oauth2-proxy, kaf, atlantis, karpenter, kube-state-metrics, hey, flux-notification-controller, prometheus-mongodb-exporter, newrelic-infrastructure-agent, slsa-verifier, istio-cni,....
7.5AI Score
GHSA-M425-MQ94-257G vulnerabilities
Vulnerabilities for packages: node-problem-detector, flux-source-controller, kubernetes-csi-external-attacher, telegraf, spark-operator, coredns, scorecard, dex, dgraph, flux-kustomize-controller, oauth2-proxy, tctl, argo-cd, nvidia-device-plugin, aws-efs-csi-driver, kubernetes-csi-livenessprobe,.....
7.5AI Score
GHSA-QPPJ-FM5R-HXR3 vulnerabilities
Vulnerabilities for packages: flux-source-controller, kind, ip-masq-agent, spark-operator, nghttp2, dex, oauth2-proxy, kaf, atlantis, hey, flux-notification-controller, dotnet, istio-envoy, newrelic-infrastructure-agent, slsa-verifier, secrets-store-csi-driver-provider-gcp, bom, kubevela,...
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: kind, kube-rbac-proxy, ip-masq-agent, kubernetes-csi-external-provisioner, prometheus-beat-exporter, paranoia, nri-f5, oras, kyverno-policy-reporter, dex, spark-operator, aws-flb-kinesis, nri-mssql, grafana-operator, regclient, vexctl, kaf, kube-state-metrics,...
6.5AI Score
0.0004EPSS
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: kind, kube-rbac-proxy, ip-masq-agent, kubernetes-csi-external-provisioner, prometheus-beat-exporter, paranoia, nri-f5, oras, kyverno-policy-reporter, dex, spark-operator, aws-flb-kinesis, nri-mssql, grafana-operator, regclient, vexctl, kaf, kube-state-metrics,...
6.5AI Score
0.0004EPSS
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: kind, kube-rbac-proxy, ip-masq-agent, kubernetes-csi-external-provisioner, prometheus-beat-exporter, paranoia, nri-f5, oras, kyverno-policy-reporter, dex, spark-operator, aws-flb-kinesis, nri-mssql, grafana-operator, regclient, vexctl, kaf, kube-state-metrics,...
7.5AI Score
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: flux-source-controller, kind, ip-masq-agent, kubernetes-csi-external-provisioner, prometheus-beat-exporter, certificate-transparency, paranoia, oras, spark-operator, dex, grafana-operator, oauth2-proxy, regclient, kaf, atlantis, kafka_exporter, karpenter,...
6.5AI Score
0.0004EPSS
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: kind, kube-rbac-proxy, ip-masq-agent, kubernetes-csi-external-provisioner, prometheus-beat-exporter, paranoia, nri-f5, oras, kyverno-policy-reporter, dex, spark-operator, aws-flb-kinesis, nri-mssql, grafana-operator, regclient, vexctl, kaf, kube-state-metrics,...
6.5AI Score
0.0004EPSS
GHSA-XR7R-F8XQ-VFVV vulnerabilities
Vulnerabilities for packages: telegraf, wolfictl, docker, trivy, nvidia-device-plugin, skopeo, datadog-agent, kubernetes, syft, runc, zarf, k9s, ctop, skaffold, newrelic-infrastructure-agent, buildkitd, kots, ingress-nginx-controller, zot, cadvisor, kubescape, k3d, k3s, kaniko, nerdctl,...
7.5AI Score
CVE-2023-44487 affecting package sriov-network-device-plugin for versions less than 3.5.1-2
CVE-2023-44487 affecting package sriov-network-device-plugin for versions less than 3.5.1-2. A patched version of the package is...
8.2AI Score
0.72EPSS
MStore API < 3.9.8 - SQL Injection
The MStore API WordPress plugin before 3.9.8 is vulnerable to Blind SQL injection via the product_id...
7.7AI Score
0.001EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1787-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1787-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. This update...
7.2AI Score
openSUSE 15 Security Update : libqt5-qtnetworkauth (openSUSE-SU-2024:0143-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0143-1 advisory. - CVE-2024-36048: Fixed data race and poor seeding in generateRandomString() (boo#1224782). Tenable has extracted the preceding description block...
7.1AI Score
SUSE SLES15 / openSUSE 15 Security Update : java-1_8_0-openj9 (SUSE-SU-2024:1793-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1793-1 advisory. Update to OpenJDK 8u412 build 08 with OpenJ9 0.44.0 virtual machine: - CVE-2024-21094: Fixed C2 compilation failure with...
7.9AI Score
SUSE SLES15 Security Update : apache2 (SUSE-SU-2024:1788-1)
The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1788-1 advisory. - CVE-2023-38709: Fixed faulty input validation inside the HTTP response splitting code (bsc#1222330). - CVE-2024-24795: Fixed...
7.5AI Score
Ubuntu 20.04 LTS / 22.04 LTS : Netatalk vulnerabilities (USN-6786-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6786-1 advisory. It was discovered that Netatalk did not properly protect an SMB and AFP default configuration. A remote attacker could possibly use this issue to ...
7.6AI Score
8.6AI Score
0.001EPSS
7.9AI Score
Marketplace fraud is nothing new. Cybercriminals swindle money out of buyers and sellers alike. Lately, we've seen a proliferation of cybergangs operating under the Fraud-as-a-Service model and specializing in tricking users of online marketplaces, in particular, message boards. Criminals are...
6.4AI Score
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix memory leak in fib6_rule_suppress The kernel leaks memory when a fib rule is present in IPv6 nftables firewall rules and a suppress_prefix rule is present in the IPv6 routing rules (used by certain tools such as...
7.1AI Score
0.0004EPSS
The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admin users to perform SQL injection...
7.8AI Score
0.0004EPSS
The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as deleting cards via CSRF...
7AI Score
0.0004EPSS
The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF...
7AI Score
0.0004EPSS
The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as editing cards via CSRF...
7AI Score
0.0004EPSS
The KKProgressbar2 Free WordPress plugin through 1.1.4.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF...
6AI Score
0.0004EPSS
The Business Card WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions such as editing card categories via CSRF...
7AI Score
0.0004EPSS