CVE-2024-11439
CVE-2024-11439 : The ScanCircle WordPress plugin is vulnerable to a stored XSS via the plugin’s scancircle shortcode in all versions up to and including 2.9.2. Exploitation requires authentication at Contributor level or higher, and scripts injected by an attacker could execute in pages viewed by...
BIT-MATTERMOST-2024-1952
Mattermost version 8.1.x before 8.1.9 fails to sanitize data associated with permalinks when a plugin updates an ephemeral post, allowing an authenticated attacker who can control the ephemeral post update to access individual posts' contents in channels they are not a member of...
CVE-2024-12517 WooCommerce Cart Count Shortcode <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WooCommerce Cart Count Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cartbutton' shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
CVE-2024-11879
...
CVE-2024-12465
CVE-2024-12465 (Property Hive Stamp Duty Calculator for WordPress) is a stored XSS flaw in the stamp_duty_calculator_scotland shortcode present in all versions up to 1.0.22. The vulnerability stems from insufficient input sanitization and output escaping on user-supplied shortcode attributes, ena...
CVE-2024-11727 NotificationX – Live Sales Notification, WooCommerce Sales Popup, FOMO, Social Proof, Announcement Banner & Floating Notification Top Bar <= 2.9.3 - Authenticated (Admin+) Stored Cross-Site Scripting
The NotificationX – Live Sales Notification, WooCommerce Sales Popup, FOMO, Social Proof, Announcement Banner & Floating Notification Top Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's content settings for notifications in all versions up to, and including,...
CVE-2024-10909
The Pojo Forms WordPress plugin (pojo-forms) contains a vulnerability affecting versions up to 1.4.7 where an authenticated user with Subscriber+ can trigger arbitrary shortcode execution via the form_preview_shortcode AJAX action. The issue stems from insufficient validation before running do_sh...
CVE-2024-10849 NewsMash <= 1.0.71 - Authenticated (Contributor+) Stored Cross-Site Scripting
The NewsMash theme for WordPress is vulnerable to Stored Cross-Site Scripting via a malicious display name in all versions up to, and including, 1.0.71 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...
PT-2024-9438 · I-O Data Device · UD-LT1/EX +1
Name of the Vulnerable Software and Affected Versions: I-O Data Device UD-LT1 versions 2.1.9 and earlier; I-O Data Device UD-LT1/EX versions 2.1.9 and earlier. Description: The issue allows a remote authenticated attacker with an administrative account to execute arbitrary OS commands. This is due ...
Cisco NX-OS Improper Input Validation (CVE-2017-12334)
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation of command...
CVE-2024-9660
CVE-2024-9660 (School Management System for WordPress) The WordPress plugin versions up to 91.5.0 are vulnerable to arbitrary file uploads due to missing file-type validation in mj_smgt_load_documets_new() and mj_smgt_load_documets(), enabling authenticated users with Student-level access and abo...
CVE-2024-10874 Quotes llama <= 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Quotes llama plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'quotes-llama' shortcode in all versions up to, and including, 3.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-11412 Shine PDF Embeder <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Shine PDF Embeder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shinepdf' shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-10164 Premium Packages - Sell Digital Products Securely <= 5.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpdmpp_pay_link Shortcode
The Premium Packages – Sell Digital Products Securely plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpdmpppaylink shortcode in all versions up to, and including, 5.9.3 due to insufficient input sanitization and output escaping on user supplied attributes. This...
CVE-2024-11179 MStore API <= 4.15.7 - Authenticated (Subscriber+) SQL Injection
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to SQL Injection via the 'statustype' parameter in all versions up to, and including, 4.15.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
UBUNTU-CVE-2024-40638
GLPI is a free asset and IT management software package. An authenticated user can exploit multiple SQL injection vulnerabilities. One of them can be used to alter another user account data and take control of it. Upgrade to 10.0.17...
LibreNMS has an Authenticated OS Command Injection
Summary: An authenticated attacker can create dangerous directory names on the system and alter sensitive configuration parameters through the web portal. Those two defects combined then allow an attacker to inject arbitrary OS commands inside shellexec calls, thus achieving arbitrary code execution. Details...
Security Updates for Azure CycleCloud (November 2024)
The Azure CycleCloud product is missing security updates. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability exists due to a disclosure of the storage credentials. An authenticated, remote attacker can exploit this to bypass authentication and execu...
WordPress plugin Photo Gallery by 10Web Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...