CVE-2024-31295 WordPress Captcha by BestWebSoft plugin <= 5.2.0 - Captcha Bypass vulnerability
Guessable CAPTCHA vulnerability in BestWebSoft Captcha by BestWebSoft allows Functionality Bypass. This issue affects Captcha by BestWebSoft: from n/a through 5.2.0...
CVE-2024-31341
CVE-2024-31341 affects Cozmoslabs Profile Builder for WordPress (
CVE-2024-32131 WordPress Download Manager plugin <= 3.2.82 - File Password Lock Bypass vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in W3 Eden Inc. Download Manager allows Functionality Bypass. This issue affects Download Manager: from n/a through 3.2.82...
CVE-2024-32131
CVE-2024-32131 describes an information disclosure in WordPress Download Manager (plugin). The vulnerability, titled Exposure of Sensitive Information to an Unauthorized Actor, allows a password-protected file lock bypass in versions up to 3.2.82 (includes 3.2.82). The CVSS v3.1 score is 7.5 (HIG...
CVE-2024-33917
CVE-2024-33917 is an Authentication Bypass by Spoofing vulnerability in the WordPress plugin WTI Like Post by Webtechideas, affecting versions up to 1.4.6. Public detail across sources identifies the issue as an IP spoofing-based authentication bypass that could allow bypassing normal access con...
CVE-2024-34434 WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.3.2 - Arbitrary Shortcode Execution vulnerability
Incorrect Authorization vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter MDTF allows Code Inclusion, Functionality Misuse. This issue affects WordPress Meta Data and Taxonomies Filter MDTF: from n/a through 1.3.3.2...
CVE-2024-34434
CVE-2024-34434 is an Incorrect Authorization vulnerability in the WordPress MDTF (Meta Data and Taxonomies Filter) plugin. The issue affects MDTF versions from some unknown start until 1.3.3.2 and enables Code Inclusion/Arbitrary Shortcode Execution through a flawed authorization check. Red Hat’s...
PT-2024-25888 · WordPress · Wordpress Meta Data/Taxonomies Filter
Name of the Vulnerable Software and Affected Versions: WordPress Meta Data and Taxonomies Filter MDTF versions 1.3.3.2 and earlier Description: The issue is related to an Incorrect Authorization vulnerability, allowing Code Inclusion and Functionality Misuse. Recommendations: For WordPress Meta...
PT-2024-23984 · Cozmoslabs · Cozmoslabs Profile Builder
Name of the Vulnerable Software and Affected Versions: Cozmoslabs Profile Builder versions prior to 3.11.2 Description: The issue is related to Insufficient Verification of Data Authenticity, allowing Functionality Bypass in Cozmoslabs Profile Builder. Recommendations: For versions prior to 3.11....
GHSA-3783-62VC-JR7X ConsoleMe has an Arbitrary File Read Vulnerability via Limited Git command
ID: NFLX-2024-002 Impact Authenticated users can achieve limited RCE in ConsoleMe, restricted to flag inputs on a single CLI command. Due to this constraint, it is not currently known whether full RCE is possible but it is unlikely. However, a specific flag allows authenticated users to read any...
CVE-2024-3403
imartinez/privategpt version 0.2.0 is vulnerable to a local file inclusion vulnerability that allows attackers to read arbitrary files from the filesystem. By manipulating file upload functionality to ingest arbitrary local files, attackers can exploit the 'Search in Docs' feature or query the AI...
Siemens SIMATIC RTLS Locating Manager Hidden Function Vulnerability
SIMATIC RTLS Locating Manager is used to configure, operate and maintain the SIMATIC RTLS unit, a real-time wireless positioning system that provides locating solutions. A hidden function vulnerability exists in Siemens SIMATIC RTLS Locating Manager due to an affected application containing hidde...
VMware Fusion 13.0.x < 13.5.2 Multiple Vulnerabilities (VMSA-2024-0010)
The version of VMware Fusion installed on the remote macOS or Mac OS X host is 13.0.x prior to 13.5.2. It is, therefore, affected by multiple vulnerabilities. - VMware Workstation and Fusion contain a use-after-free vulnerability in the vbluetooth device. CVE-2024-22267 - VMware Workstation...
CVE-2024-4837
In Progress Telerik Report Server, version 2024 Q1 10.0.24.305 or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via a trust boundary violation vulnerability...
CVE-2023-6322
CVE-2023-6322 affects the Roku Indoor Camera SE (v3.0.2.4679) and Wyze Cam v3 (v4.36.11.5859). The root cause is a stack-based buffer overflow in the message parsing functionality. An attacker who can make authenticated requests can trigger the overflow, potentially leading to impact on confiden...
CVE-2024-33583
A vulnerability has been identified in SIMATIC RTLS Locating Manager 6GT2780-0DA00 All versions V3.0.1.1, SIMATIC RTLS Locating Manager 6GT2780-0DA10 All versions V3.0.1.1, SIMATIC RTLS Locating Manager 6GT2780-0DA20 All versions V3.0.1.1, SIMATIC RTLS Locating Manager 6GT2780-0DA30 All versions...
CVE-2024-22268
VMware Workstation and Fusion contain a heap buffer-overflow vulnerability in the Shader functionality. A malicious actor with non-administrative access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to create a denial of service condition...
CVE-2024-33583
CVE-2024-33583 affects Siemens SIMATIC RTLS Locating Manager families (see 6GT2780-0DA00/0DA10/0DA20/0DA30/1EA10/1EA20/1EA30; all versions