11 matches found
CVE-2021-24639
The OMGF WordPress plugin before 4.5.4 does not enforce path validation, authorisation and CSRF checks in the omgfajaxemptydir AJAX action, which allows any authenticated users to delete arbitrary files or folders on the server...
CVE-2025-24639
Insertion of Sensitive Information Into Sent Data vulnerability in Greys Korea for WooCommerce korea-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Korea for WooCommerce: from n/a through = 1.1.11...
CVE-2025-24639
Insertion of Sensitive Information Into Sent Data vulnerability in Greys Korea for WooCommerce korea-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Korea for WooCommerce: from n/a through = 1.1.11...
CVE-2025-24639 WordPress Korea for WooCommerce plugin <= 1.1.11 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Greys Korea for WooCommerce korea-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Korea for WooCommerce: from n/a through = 1.1.11...
CVE-2025-24639 WordPress Korea for WooCommerce plugin <= 1.1.11 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Greys Korea for WooCommerce korea-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Korea for WooCommerce: from n/a through = 1.1.11...
CVE-2025-24639
CVE-2025-24639: Korea for WooCommerce plugin vulnerability (
CVE-2021-24639
creationtimestamp| type| source ---|---|--- 2021-09-20 14:26:59+00:00| seen| https://t.me/cibsecurity/29095...
CVE-2021-24639
CVE-2021-24639 affects the OMGF WordPress plugin (versions before 4.5.4). The vulnerability is in the omgf_ajax_empty_dir AJAX action, which does not enforce path validation, authorization, or CSRF checks, allowing any authenticated user to delete arbitrary files or folders on the server. Remedia...
CVE-2021-24639 OMGF < 4.5.4 - Subscriber+ Arbitrary File/Folder Deletion
The OMGF WordPress plugin before 4.5.4 does not enforce path validation, authorisation and CSRF checks in the omgfajaxemptydir AJAX action, which allows any authenticated users to delete arbitrary files or folders on the server...
CVE-2020-24639
creationtimestamp| type| source ---|---|--- 2021-01-15 22:51:11+00:00| seen| https://t.me/cibsecurity/22221...
CVE-2020-24639
CVE-2020-24639 affects Aruba Airwave Glass prior to 1.3.3, caused by unsafe Java deserialization that enables arbitrary command execution in a containerized environment, potentially leading to complete host compromise. Affected component: Airwave Glass; root cause: unsafe Java deserialization; im...