CVE-2026-24541 WordPress Download After Email plugin <= 2.1.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in mkscripts Download After Email download-after-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download After Email: from n/a through = 2.1.9...

CVE-2021-24541

The Wonder PDF Embed WordPress plugin before 1.7 does not escape parameters of its wonderpluginpdf shortcode, which could allow users with a role as low as Contributor to perform Stored XSS attacks...

CVE-2025-24541

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dinamiko DK White Label dk-white-label allows Reflected XSS.This issue affects DK White Label: from n/a through = 1.0...

CVE-2025-24541

creationtimestamp| type| source ---|---|--- 2025-02-03 15:17:59+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhbtmwfhpe2w 2025-02-03 16:55:41+00:00| seen| https://infosec.exchange/users/cve/statuses/113941003663756969...

CVE-2025-24541 WordPress DK White Label plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dinamiko DK White Label dk-white-label allows Reflected XSS.This issue affects DK White Label: from n/a through = 1.0...

CVE-2025-24541 WordPress DK White Label plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dinamiko DK White Label dk-white-label allows Reflected XSS.This issue affects DK White Label: from n/a through = 1.0...

CVE-2025-24541

The CVE-2025-24541 entry concerns the WordPress DK White Label plugin (versions up to 1.0). The vulnerability is a Reflected Cross-Site Scripting (XSS) due to Improper Neutralization of Input During Web Page Generation. The issue affects DK White Label: from n/a through 1.0, and the connected sou...

CVE-2020-24541

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

CVE-2022-24541

CVE-2022-24541 is described in the initial entry as a Windows Server Service Remote Code Execution vulnerability. Connected material explicitly associates the CVE with a Windows SMB-based remote code execution context, indicating the vulnerability affects the Windows Server service and can enable...

CVE-2022-24541 Windows Server Service Remote Code Execution Vulnerability

...

CVE-2022-24541 Windows Server Service Remote Code Execution Vulnerability

...

CVE-2022-24541

creationtimestamp| type| source ---|---|--- 2022-04-13 08:18:48+00:00| seen| https://t.me/itsecnews/474 2022-04-15 22:20:20+00:00| seen| https://t.me/cibsecurity/40893...

KB5012653: Windows 10 version 1507 LTS Security Update (April 2022)

The remote Windows host is missing security update 5012653. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2022-26798, CVE-2022-26801, CVE-2022-26786, CVE-2022-24549, CVE-2022-26794,...

KB5012632: Windows Server 2008 Security Update (April 2022)

The remote Windows host is missing security update 5012632 or cumulative update 5012658. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...

KB5012670: Windows 8.1 and Windows Server 2012 R2 Security Update (April 2022)

The remote Windows host is missing security update 5012639 or cumulative update 5012670. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2022-24474, CVE-2022-24481, CVE-2022-24494,...

KB5012666: Windows Server 2012 Security Update (April 2022)

The remote Windows host is missing security update 5012666 or cumulative update 5012650. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...

CVE-2021-24541

The CVE-2021-24541 entry concerns the WordPress Wonder PDF Embed plugin (before version 1.7). The vulnerability stems from the plugin not escaping parameters of the wonderplugin_pdf shortcode, enabling Stored XSS for users with a role as low as Contributor. Affected component/function: wonderplug...

CVE-2021-24541 Wonder PDF Embed < 1.7 - Contributor+ Stored XSS

The Wonder PDF Embed WordPress plugin before 1.7 does not escape parameters of its wonderpluginpdf shortcode, which could allow users with a role as low as Contributor to perform Stored XSS attacks...

CVE-2020-24541

CVE-2020-24541 is rejected/not used per initial description.