The Floating Social Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the floating_social_buttons_option() function. This makes it possible for unauthenticated attackers to...
6.1CVSS
EPSS
The Floating Social Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the floating_social_buttons_option() function. This makes it possible for unauthenticated attackers to...
6.1CVSS
6AI Score
EPSS
CVE-2024-6405 Floating Social Buttons <= 1.5 - Cross-Site Request Forgery
The Floating Social Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the floating_social_buttons_option() function. This makes it possible for unauthenticated attackers to...
6.1CVSS
EPSS
Vulnerabilities for packages: cloudflared, kubernetes-dns-node-cache,...
5.3CVSS
5.5AI Score
0.0004EPSS
GHSA-VVPX-J8F3-3W6H vulnerabilities
Vulnerabilities for packages: k3d, dynamic-localpv-provisioner, hey, wireguard-go, go, restic, falco, grpcurl,...
7.5AI Score
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, configmap-reload, nuclei, k8sgpt, dagger, flannel-cni-plugin, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, wireguard-go, wazero, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, nri-couchbase,...
7.8AI Score
0.0004EPSS
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: configmap-reload, nuclei, k8sgpt, dagger, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, guac, capslock, kaniko, sops, temporal, filebeat, kubernetes-dns-node-cache,...
7.5AI Score
CVE-2023-46402 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, flux-notification-controller, argo-cd, argo-workflows,...
7.5CVSS
7.7AI Score
0.0005EPSS
Vulnerabilities for packages: node-feature-discovery, kubernetes-csi-driver-hostpath, kubernetes, calico, local-static-provisioner, kubernetes-dns-node-cache, nodetaint, aws-ebs-csi-driver, cluster-autoscaler, ip-masq-agent,...
2.7CVSS
4.3AI Score
0.0004EPSS
CVE-2024-21626 vulnerabilities
Vulnerabilities for packages: kubernetes, trivy, skopeo, skaffold, ingress-nginx-controller, kots, k3d, kaniko, newrelic-infrastructure-agent, wolfictl, ctop, telegraf, k3s, nvidia-device-plugin, cadvisor, syft, runc, buildkitd, grype, zarf, nerdctl, docker, k9s, kubescape, zot,...
8.6CVSS
9.2AI Score
0.051EPSS
Vulnerabilities for packages: nuclei, step-ca, skopeo, flux-image-automation-controller, ksops, gitlab-shell, consul, gitlab-kas, prometheus, timestamp-authority, crossplane-provider-azure, guac, policy-controller, rook, k3d, flux-notification-controller, pulumi-kubernetes-operator, sops, kyverno,....
6CVSS
6AI Score
0.0004EPSS
CVE-2023-44487 vulnerabilities
Vulnerabilities for packages: secrets-store-csi-driver-provider-gcp, kaf, wireguard-go, git-lfs, oauth2-proxy, grpcurl, spark-operator, pulumi-language-java, flux-source-controller, kubeflow-katib, dotnet, weaviate, atlantis, gitlab-runner, kind, buildkitd, keda, cert-manager,...
7.5CVSS
9AI Score
0.732EPSS
GHSA-M9W6-WP3H-VQ8G vulnerabilities
Vulnerabilities for packages: cloudflared, kubernetes-dns-node-cache,...
7.5AI Score
CVE-2022-41723 vulnerabilities
Vulnerabilities for packages: k3d, dynamic-localpv-provisioner, hey, wireguard-go, go, restic, falco, grpcurl,...
7.5CVSS
8.4AI Score
0.024EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: configmap-reload, nuclei, k8sgpt, k8ssandra-operator, nri-cassandra, http-echo, gobump, tigera-operator, aws-network-policy-agent, aws-load-balancer-controller, grpcurl, protoc-gen-go, postgres-operator, neuvector-sigstore-interface, flannel, velero-plugin-for-csi,...
6.8AI Score
0.0004EPSS
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: configmap-reload, k8sgpt, secrets-store-csi-driver-provider-gcp, kaf, ksops, wireguard-go, go, neuvector-scanner, aws-ebs-csi-driver, guac, http-echo, capslock, git-lfs, grafana-rollout-operator, gobump, sops, kubernetes-dns-node-cache, kubeadm-bootstrap-controller,...
6.5AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: configmap-reload, k8sgpt, secrets-store-csi-driver-provider-gcp, kaf, ksops, wireguard-go, go, neuvector-scanner, aws-ebs-csi-driver, guac, http-echo, capslock, git-lfs, grafana-rollout-operator, gobump, sops, kubernetes-dns-node-cache, kubeadm-bootstrap-controller,...
7.5AI Score
CVE-2024-24789 vulnerabilities
Vulnerabilities for packages: configmap-reload, k8sgpt, dagger, k8ssandra-operator, nri-cassandra, http-echo, gobump, aws-load-balancer-controller, grpcurl, logstash, protoc-gen-go, postgres-operator, neuvector-sigstore-interface, flannel, velero-plugin-for-csi, speedtest-go,...
5.5CVSS
6.1AI Score
0.0004EPSS
GHSA-V6V8-XJ6M-XWQH vulnerabilities
Vulnerabilities for packages: nuclei, step-ca, skopeo, flux-image-automation-controller, ksops, gitlab-shell, consul, gitlab-kas, prometheus, timestamp-authority, crossplane-provider-azure, guac, policy-controller, rook, k3d, flux-notification-controller, pulumi-kubernetes-operator, sops, kyverno,....
7.5AI Score
Vulnerabilities for packages: aactl, kubernetes-dashboard, kpt, traefik, bom,...
6.5CVSS
7AI Score
0.001EPSS
Vulnerabilities for packages: k8sgpt, secrets-store-csi-driver-provider-gcp, kaf, wireguard-go, aws-ebs-csi-driver, git-lfs, apko, oauth2-proxy, aws-load-balancer-controller, grpcurl, spark-operator, pulumi-language-java, flux-source-controller, kubeflow-katib, prometheus-mongodb-exporter,...
6.1CVSS
7.3AI Score
0.001EPSS
CVE-2023-48795 vulnerabilities
Vulnerabilities for packages: libssh2, temporal-ui-server, kaf, wireguard-go, temporal, git-lfs, sops, apko, tigera-operator, oauth2-proxy, istio-pilot-agent, istio-cni, docker-credential-acr-env, argo-workflows, grpc-health-probe, spark-operator, kube-rbac-proxy, flux-source-controller,...
5.9CVSS
7.1AI Score
0.963EPSS
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: configmap-reload, nuclei, k8sgpt, dagger, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, guac, capslock, kaniko, sops, temporal, filebeat, kubernetes-dns-node-cache,...
6.6AI Score
0.0004EPSS
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, configmap-reload, nuclei, k8sgpt, dagger, flannel-cni-plugin, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, wireguard-go, wazero, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, nri-couchbase,...
7.8AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, configmap-reload, nuclei, k8sgpt, dagger, flannel-cni-plugin, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, wireguard-go, wazero, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, nri-couchbase,...
7.5AI Score
GHSA-M5VV-6R4H-3VJ9 vulnerabilities
Vulnerabilities for packages: boring-registry, sqlpad, trivy, nuclei, k8sgpt, rclone, step-ca, velero, ksops, harbor-registry, prometheus, timestamp-authority, guac, policy-controller, tempo, rook, cortex, sops, teleport, fluent-bit-plugin-loki, flux-image-reflector-controller, filebeat, kyverno,.....
7.5AI Score
GHSA-3F2Q-6294-FMQ5 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, flux-notification-controller, argo-cd, argo-workflows,...
7.5AI Score
GHSA-RCJV-MGP8-QVMR vulnerabilities
Vulnerabilities for packages: calico, kubernetes, prometheus-adapter, ipfs, keda, kubevela, cert-manager, up, gitlab-kas, thanos, prometheus, k3s, caddy,...
7.5AI Score
CVE-2023-45285 vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, oras, configmap-reload, nsc, vertical-pod-autoscaler, flannel-cni-plugin, prometheus-stackdriver-exporter, sbom-scorecard, influx, dgraph, protoc-gen-go-grpc, nri-discovery-kubernetes, kubernetes-dashboard-metrics-scraper, hey, go-bindata,...
7.5CVSS
7.9AI Score
0.001EPSS
GHSA-449P-3H89-PW88 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, gitness, gitsign, nuclei, scorecard, src-fingerprint, bom, go-licenses,...
7.5AI Score
CVE-2023-45142 vulnerabilities
Vulnerabilities for packages: calico, kubernetes, prometheus-adapter, ipfs, keda, kubevela, cert-manager, up, gitlab-kas, thanos, prometheus, k3s, caddy,...
7.5CVSS
7.9AI Score
0.001EPSS
CVE-2024-35255 vulnerabilities
Vulnerabilities for packages: boring-registry, sqlpad, trivy, nuclei, k8sgpt, rclone, step-ca, velero, ksops, harbor-registry, prometheus, timestamp-authority, guac, policy-controller, tempo, rook, cortex, sops, teleport, fluent-bit-plugin-loki, flux-image-reflector-controller, filebeat, kyverno,.....
5.5CVSS
6AI Score
0.0004EPSS
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, configmap-reload, nuclei, k8sgpt, dagger, flannel-cni-plugin, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, wireguard-go, wazero, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, nri-couchbase,...
7.5AI Score
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, configmap-reload, nuclei, k8sgpt, dagger, flannel-cni-plugin, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, wireguard-go, wazero, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, nri-couchbase,...
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, configmap-reload, nuclei, k8sgpt, dagger, flannel-cni-plugin, secrets-store-csi-driver-provider-gcp, velero, temporal-ui-server, kaf, wireguard-go, wazero, k8ssandra-operator, aws-ebs-csi-driver, nri-discovery-kubernetes, nri-couchbase,...
7.5AI Score
6.5CVSS
7.5AI Score
0.004EPSS
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: configmap-reload, k8sgpt, secrets-store-csi-driver-provider-gcp, kaf, ksops, wireguard-go, go, neuvector-scanner, aws-ebs-csi-driver, guac, http-echo, capslock, git-lfs, grafana-rollout-operator, gobump, sops, kubernetes-dns-node-cache, kubeadm-bootstrap-controller,...
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: configmap-reload, nuclei, k8sgpt, k8ssandra-operator, nri-cassandra, http-echo, gobump, tigera-operator, aws-network-policy-agent, aws-load-balancer-controller, grpcurl, protoc-gen-go, postgres-operator, neuvector-sigstore-interface, flannel, velero-plugin-for-csi,...
7.5AI Score
CVE-2024-24790 vulnerabilities
Vulnerabilities for packages: configmap-reload, k8sgpt, dagger, k8ssandra-operator, nri-cassandra, http-echo, gobump, aws-load-balancer-controller, grpcurl, logstash, protoc-gen-go, postgres-operator, neuvector-sigstore-interface, flannel, velero-plugin-for-csi, speedtest-go,...
9.8CVSS
9.8AI Score
0.001EPSS
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: k8sgpt, secrets-store-csi-driver-provider-gcp, kaf, wireguard-go, go, aws-ebs-csi-driver, git-lfs, apko, kubernetes-dns-node-cache, oauth2-proxy, istio-pilot-agent, aws-load-balancer-controller, grpcurl, istio-cni, spark-operator, pulumi-language-java,...
7.5CVSS
8.4AI Score
0.002EPSS
GHSA-9763-4F94-GFCH vulnerabilities
Vulnerabilities for packages: boring-registry, rclone, skaffold, flux-image-automation-controller, vault, pulumi-language-yaml, policy-controller, pulumi-kubernetes-operator, flux-notification-controller, kaniko, sops, wolfictl, apko, slsa-verifier, actions-runner-controller, flux, goreleaser,...
7.5AI Score
GHSA-8PGV-569H-W5RW vulnerabilities
Vulnerabilities for packages: temporal, kubernetes, docker-compose, envoy-ratelimit, keda, kubevela, cri-tools, kyverno, temporal-server, cert-manager, argo-cd, kubescape, containerd, kine, k3s, aws-ebs-csi-driver,...
7.5AI Score
Vulnerabilities for packages: calico, prometheus-adapter, kubernetes-dns-node-cache, aws-efs-csi-driver, nodetaint, aws-ebs-csi-driver, cluster-autoscaler, ip-masq-agent,...
8.8CVSS
8.1AI Score
0.001EPSS
GHSA-HQ6Q-C2X6-HMCH vulnerabilities
Vulnerabilities for packages: calico, prometheus-adapter, kubernetes-dns-node-cache, aws-efs-csi-driver, nodetaint, aws-ebs-csi-driver, cluster-autoscaler, ip-masq-agent,...
7.5AI Score
CVE-2023-49569 vulnerabilities
Vulnerabilities for packages: pulumi-kubernetes-operator, gitness, gitsign, nuclei, scorecard, src-fingerprint, bom, go-licenses,...
9.8CVSS
9.7AI Score
0.002EPSS
CVE-2023-47108 vulnerabilities
Vulnerabilities for packages: temporal, kubernetes, docker-compose, envoy-ratelimit, keda, kubevela, cri-tools, kyverno, temporal-server, cert-manager, argo-cd, kubescape, containerd, kine, k3s, aws-ebs-csi-driver,...
7.5CVSS
7.7AI Score
0.001EPSS
GHSA-49GW-VXVF-FC2G vulnerabilities
Vulnerabilities for packages: configmap-reload, k8sgpt, dagger, k8ssandra-operator, nri-cassandra, http-echo, gobump, aws-load-balancer-controller, grpcurl, logstash, protoc-gen-go, postgres-operator, neuvector-sigstore-interface, flannel, velero-plugin-for-csi, speedtest-go,...
7.5AI Score
CVE-2023-39326 vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, oras, configmap-reload, nsc, vertical-pod-autoscaler, flannel-cni-plugin, prometheus-stackdriver-exporter, sbom-scorecard, influx, dgraph, protoc-gen-go-grpc, nri-discovery-kubernetes, kubernetes-dashboard-metrics-scraper, hey, go-bindata,...
5.3CVSS
7.2AI Score
0.001EPSS
GHSA-5F94-VHJQ-RPG8 vulnerabilities
Vulnerabilities for packages: aws-flb-firehose, oras, configmap-reload, nsc, vertical-pod-autoscaler, flannel-cni-plugin, prometheus-stackdriver-exporter, sbom-scorecard, influx, dgraph, protoc-gen-go-grpc, nri-discovery-kubernetes, kubernetes-dashboard-metrics-scraper, hey, go-bindata,...
7.5AI Score
GHSA-2WRH-6PVC-2JM9 vulnerabilities
Vulnerabilities for packages: k8sgpt, secrets-store-csi-driver-provider-gcp, kaf, wireguard-go, aws-ebs-csi-driver, git-lfs, apko, oauth2-proxy, aws-load-balancer-controller, grpcurl, spark-operator, pulumi-language-java, flux-source-controller, kubeflow-katib, prometheus-mongodb-exporter,...
7.5AI Score