CVE-2025-13924

The Advanced Product Fields Product Addons for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6.17. This is due to missing or incorrect nonce validation on the 'maybeduplicate' function. This makes it possible for unauthenticat...

CVE-2025-13924

creationtimestamp| type| source ---|---|--- 2025-12-09 19:07:02+00:00| seen| https://gist.github.com/Darkcrai86/e472400cc6746e62901500e978a8604b...

WordPress Advanced Product Fields (Product Addons) for WooCommerce plugin <= 1.6.17 - Cross-Site Request Forgery to Product Field Group Duplication and Publication vulnerability

Cross-Site Request Forgery to Product Field Group Duplication and Publication vulnerability discovered by Nguyen C in WordPress Plugin Advanced Product Fields Product Addons for WooCommerce versions = 1.6.17...

CVE-2019-13924

A vulnerability has been identified in SCALANCE S602 All versions V4.1, SCALANCE S612 All versions V4.1, SCALANCE S623 All versions V4.1, SCALANCE S627-2M All versions V4.1, SCALANCE X-200 switch family incl. SIPLUS NET variants All versions 5.2.4, SCALANCE X-200IRT switch family incl. SIPLUS NET...

CVE-2024-13924

The Starter Templates by FancyWP plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.0.0 via the 'httprequesthostisexternal' filter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations...

CVE-2024-13924

The Starter Templates by FancyWP plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.0.0 via the 'httprequesthostisexternal' filter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations...

CVE-2024-13924

creationtimestamp| type| source ---|---|--- 2025-03-08 12:36:26+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6945 2025-03-08 15:11:16+00:00| seen| https://t.me/cvedetector/19899 2025-03-08 16:29:02+00:00| seen| Telegram/HG0MGwIqq-n4i0Gf-FzKxnP20cW5N5XUKms6jqt4dgi5pDp...

CVE-2024-13924

CVE-2024-13924 affects Starter Templates by FancyWP (WordPress plugin) up to version 2.0.0, enabling unauthenticated Blind Server-Side Request Forgery via the http_request_host_is_external filter. This SSRF could let an attacker make web requests from the vulnerable WordPress instance to arbitrar...

CVE-2024-13924 Starter Templates by FancyWP <= 2.0.0 - Unauthenticated Blind Server-Side Request Forgery

The Starter Templates by FancyWP plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.0.0 via the 'httprequesthostisexternal' filter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations...

CVE-2024-13924 Starter Templates by FancyWP <= 2.0.0 - Unauthenticated Blind Server-Side Request Forgery

The Starter Templates by FancyWP plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.0.0 via the 'httprequesthostisexternal' filter. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations...

CVE-2017-13924

creationtimestamp| type| source ---|---|--- 2023-09-14 22:30:51+00:00| seen| https://t.me/cibsecurity/70485...

Siemens SCALANCE X Switches Protection Mechanism Failure (CVE-2019-13924)

A vulnerability has been identified in SCALANCE S602 All versions V4.1, SCALANCE S612 All versions V4.1, SCALANCE S623 All versions V4.1, SCALANCE S627-2M All versions V4.1, SCALANCE X-200 switch family incl. SIPLUS NET variants All versions 5.2.4, SCALANCE X-200IRT switch family incl. SIPLUS NET...

SUSE: Security Advisory (SUSE-SU-2019:13924-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-13924

creationtimestamp| type| source ---|---|--- 2021-03-17 11:30:50+00:00| seen| https://t.me/cibsecurity/24991...

CVE-2020-13924

CVE-2020-13924 affects Apache Ambari 2.6.2.2 and earlier. Malicious users can construct file names to perform directory traversal and traverse to other directories to download files, enabling a remote, unauthenticated file download vulnerability. The vulnerability is documented across multiple so...

CVE-2019-13924

A vulnerability has been identified in SCALANCE S602 All versions V4.1, SCALANCE S612 All versions V4.1, SCALANCE S623 All versions V4.1, SCALANCE S627-2M All versions V4.1, SCALANCE X-200 switch family incl. SIPLUS NET variants All versions 5.2.4, SCALANCE X-200IRT switch family incl. SIPLUS NET...

CVE-2019-13924

CVE-2019-13924 affects Siemens SCALANCE X and S switches. The root issue is that the admin web interface does not send the X-Frame-Options header, enabling clickjacking where an attacker could trick a logged-in administrator into performing actions via a malicious page. Affected families and vers...

CVE-2018-13924

creationtimestamp| type| source ---|---|--- 2019-07-22 18:28:16+00:00| seen| https://t.me/cibsecurity/5636...

CVE-2018-13924

The CVE-2018-13924 entry concerns a buffer length validation flaw that can take negative values, causing a stack overflow in Qualcomm components across many Snapdragon platforms (Auto/Compute/Connectivity/IOT/Industrial IOT, Mobile, Wearables, etc.) including IPQ8074 family and various SD/SM/QR s...

CVE-2018-13924

Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...