
1183 matches found

Vulnrichment
added 2025/01/18 5:33 a.m., 6 views

CVE-2025-0554 Podlove Podcast Publisher <= 4.1.25 - Authenticated (Admin+) Stored Cross-Site Scripting via Feed Name

The Podlove Podcast Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Feed Name value in version <= 4.1.25 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject...

CVSS 4.4 | AI score 5.8 | EPSS 0.00261
Exploits: 0 | References: 2

Vulnrichment
added 2025/01/17 4:30 a.m., 3 views

CVE-2024-13398 Checkout for PayPal <= 1.0.32 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Checkout for PayPal plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'checkoutforpaypal' shortcode in all versions up to, and including, 1.0.32 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.4 | AI score 5.8 | EPSS 0.00272
Exploits: 0 | References: 2

CVE
added 2025/01/17 4:30 a.m., 47 views

CVE-2024-13401

CVE-2024-13401 affects the WordPress PayPal Payment Button plugin up to version 1.2.3.35. The vulnerability is a Stored XSS in the wp_paypal_checkout shortcode caused by insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authenticated access at ...

CVSS 6.4 | AI score 5.7 | EPSS 0.0034
Exploits: 1 | References: 4

Vulnrichment
added 2025/01/16 3:27 a.m., 4 views

CVE-2024-11452 Chamber Dashboard Business Directory <= 3.3.8 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Chamber Dashboard Business Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'businesscategories' shortcode in all versions up to, and including, 3.3.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes...

CVSS 6.4 | AI score 5.8 | EPSS 0.00325
Exploits: 0 | References: 3

Vulnrichment
added 2025/01/15 12:44 p.m., 11 views

CVE-2024-13215 Elementor Addon Elements <= 1.13.10 - Authenticated (Contributor+) Sensitive Information Exposure via Modal Popup

The Elementor Addon Elements plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.13.10 via the 'render' function in modules/modal-popup/widgets/modal-popup.php. This makes it possible for authenticated attackers, with Contributor-level acce...

CVSS 4.3 | AI score 4.4 | EPSS 0.00503
Exploits: 0 | References: 3

CVE
added 2025/01/15 11:24 a.m., 44 views

CVE-2024-11848

CVE-2024-11848 affects NitroPack – Caching & Speed Optimization for WordPress. The vulnerability is due to a missing capability check on the nitropack_dismiss_notice_forever AJAX action in NitroPack versions up to 1.17.0, enabling authenticated attackers with subscriber-level access and above to ...

CVSS 8.1 | AI score 7.7 | EPSS 0.00646
Exploits: 0 | References: 2

NVD
added 2025/01/14 3:15 p.m., 7 views

CVE-2024-39769

Multiple buffer overflow vulnerabilities exist in the internet.cgi setqos functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. This...

CVSS 9.1 | EPSS 0.00845
Exploits: 1 | References: 2

NVD
added 2025/01/14 3:15 p.m., 6 views

CVE-2024-39294

A buffer overflow vulnerability exists in the adm.cgi set_wzdgw4G functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVSS 9.1 | EPSS 0.01482
Exploits: 1 | References: 2

NVD
added 2025/01/14 3:15 p.m., 6 views

CVE-2024-36272

A buffer overflow vulnerability exists in the usbip.cgi setinfo functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVSS 9.1 | EPSS 0.01265
Exploits: 1 | References: 2

CVE
added 2025/01/14 2:21 p.m., 50 views

CVE-2024-39294

Affected software / component: Wavlink AC3000, model M33A8.V5030.210505; vulnerable function in adm.cgi set_wzdgw4G(). Root cause & vulnerability type: Buffer overflow caused by missing length checks when handling POST data in set_wzdgw4G(), allowing stack-based overflow. Impact (as stated): Pote...

CVSS 9.1 | AI score 7.2 | EPSS 0.01482
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2025/01/14 2:20 p.m., 11 views

CVE-2024-39785

Multiple command execution vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities. A command...

CVSS 9.1 | EPSS 0.06193
Exploits: 1 | References: 1

CVE
added 2025/01/14 2:9 p.m., 46 views

CVE-2024-27778

CVE-2024-27778: Fortinet FortiSandbox OS command injection vulnerability (CWE-78). An authenticated attacker with at least read-only privileges can execute unauthorized OS commands via crafted requests. Affected FortiSandbox versions span 3.0.5–3.0.7, 3.1, 3.2, 4.0.0–4.0.4, 4.2.1–4.2.6, and 4.4....

CVSS 8.8 | AI score 6.5 | EPSS 0.00545
Exploits: 0 | References: 1 | Affected Software: 1

CNNVD
added 2025/01/14 12:0 a.m., 3 views

Hewlett Packard Enterprise ArubaOS security vulnerability

HPE ArubaOS is a networked wireless operating system from Hewlett Packard Enterprise. A security vulnerability exists in Hewlett Packard Enterprise ArubaOS that stems from an authenticated parameter injection vulnerability, which can be exploited successfully to...

CVSS 7.2 | AI score 7.1 | EPSS 0.00687
Exploits: 0 | References: 1

Talos
added 2025/01/14 12:0 a.m., 10 views

Wavlink AC3000 adm.cgi rep_as_bridge() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2025. Wavlink AC3000 adm.cgi rep_as_bridge buffer overflow vulnerability. January 14, 2025. CVE Number: CVE-2024-37184. Summary: A buffer overflow vulnerability exists in the adm.cgi rep_as_bridge functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...

CVSS 9.1 | AI score 7.8 | EPSS 0.01265
Exploits: 1

Talos
added 2025/01/14 12:0 a.m., 11 views

Wavlink AC3000 adm.cgi set_wzdgw4G() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2026. Wavlink AC3000 adm.cgi set_wzdgw4G buffer overflow vulnerability. January 14, 2025. CVE Number: CVE-2024-39294. Summary: A buffer overflow vulnerability exists in the adm.cgi set_wzdgw4G functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HT...

CVSS 9.1 | AI score 7.8 | EPSS 0.01482
Exploits: 1

OSV
added 2025/01/13 10:15 p.m., 1 view

CVE-2023-42240

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /monitor/sscheduledfile.php...

CVSS 3.8 | AI score 5.9 | EPSS 0.00232
Exploits: 0 | References: 1

Cvelist
added 2025/01/13 12:0 a.m., 11 views

CVE-2023-42237

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple GET parameters of /vam/vamicommand.php...

EPSS 0.00232
Exploits: 0 | References: 1

CVE
added 2025/01/11 7:21 a.m., 43 views

CVE-2024-11386

CVE-2024-11386 affects the GatorMail SmartForms WordPress plugin (versions up to and including 1.1.0). It allows Stored Cross-Site Scripting via the gatormailsmartform shortcode due to insufficient input sanitization/output escaping. Exploitation requires at least contributor-level authentication...

CVSS 6.4 | AI score 5.7 | EPSS 0.00306
Exploits: 0 | References: 3

Vulnrichment
added 2025/01/11 7:21 a.m., 3 views

CVE-2024-12116 Unlimited Theme Addon For Elementor and WooCommerce <= 1.2.2 - Authenticated (Contributor+) Post Disclosure

The Unlimited Theme Addon For Elementor and WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.2 via the 'uta-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated...

CVSS 4.3 | AI score 7.2 | EPSS 0.00416
Exploits: 0 | References: 3

Vulnrichment
added 2025/01/10 12:0 a.m., 10 views

CVE-2024-54998

MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability via the Reason parameter at /people/h:id/debts/create...

AI score 7.5 | EPSS 0.00362
Exploits: 1 | References: 2