PT-2024-9946 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.21 and earlier Description: The issue is related to a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious...
PT-2024-9871 · Adobe · Indesign Desktop
Name of the Vulnerable Software and Affected Versions: InDesign Desktop versions ID19.5, ID18.5.4 and earlier Description: The issue is related to an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass...
PT-2024-16767 · WordPress · Simple Restrict
Name of the Vulnerable Software and Affected Versions: Simple Restrict plugin for WordPress versions up to, and including, 1.2.7 Description: The issue allows unauthenticated attackers to extract sensitive data from posts restricted to higher-level roles, such as administrators, via the WordPress...
PT-2024-9716 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.21 and earlier Description: The issue is related to insufficient protection of the web page structure in Adobe Experience Manager, which can be exploited by a remote attacker to execute arbitrary code...
PT-2024-9872 · Adobe · Media Encoder
Name of the Vulnerable Software and Affected Versions: Media Encoder versions 25.0, 24.6.3 and earlier Description: The issue is related to a NULL Pointer Dereference error. Exploitation of this issue could allow an attacker to cause a denial-of-service by crashing the application, which requires...
PT-2024-9715 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.21 and earlier Description: The issue is related to a stored Cross-Site Scripting (XSS) vulnerability. This vulnerability could be exploited by an attacker to inject malicious scripts into vulnerable form...
PT-2024-9721 · Adobe · Experience Manager
Name of the Vulnerable Software and Affected Versions: Adobe Experience Manager versions 6.5.21 and earlier Description: The issue is related to a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious...
WordPress Simple Restrict plugin <= 1.2.7 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability
Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Simple Restrict versions <= 1.2.7...
PT-2024-36558 · Colpack +1 · Colpack +1
Name of the Vulnerable Software and Affected Versions: ColPack versions 1.0.10 through 9a7293a Description: The issue is related to the creation of predictable temporary files in ColPack, located under /tmp with names derived from an unseeded Random Number Generator (RNG). This can lead to...
PT-2024-12001 · Unknown · Clever Widgets Enhanced Text Widget
Name of the Vulnerable Software and Affected Versions: Clever Widgets Enhanced Text Widget versions 1.5.8 and earlier Description: The issue is related to a Missing Authorization vulnerability in the Enhanced Text Widget, which allows exploiting incorrectly configured access control security...
PT-2024-12206 · Unknown · Awesome Togi Product Category Tree
Name of the Vulnerable Software and Affected Versions: AWESOME TOGI Product Category Tree versions n/a through 2.5 Description: The issue is related to a Missing Authorization vulnerability in the AWESOME TOGI Product Category Tree, which allows exploitation of incorrectly configured access contr...
PT-2024-36093 · Unknown · Roninwp Revy
Name of the Vulnerable Software and Affected Versions: Roninwp Revy versions 1.18 and earlier Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as a SQL Injection vulnerability. This vulnerability affects the Roninwp Revy...
PT-2024-36106 · Unknown · Wot Elementor Widgets
Name of the Vulnerable Software and Affected Versions: Wot Elementor Widgets versions 1.0.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows DOM-Based XSS. This means that an attacker could potentially inject malicious...
PT-2024-36451 · Unknown · Kashipara E-Learning Management System
Name of the Vulnerable Software and Affected Versions: Kashipara E-learning Management System version 1.0 Description: The issue concerns a SQL Injection vulnerability in the /admin/delete content.php endpoint. This vulnerability allows for potential exploitation by injecting malicious SQL code...
PT-2024-13689 · Unknown · Clever Widgets Enhanced Text Widget
Name of the Vulnerable Software and Affected Versions: Clever Widgets Enhanced Text Widget versions 1.6.3 and earlier Description: The issue is related to a Missing Authorization vulnerability in the Enhanced Text Widget, which allows exploiting incorrectly configured access control security...
PT-2024-10308 · Apache · Apache Superset
Name of the Vulnerable Software and Affected Versions: Apache Superset versions prior to 4.1.0 Description: The issue is related to the generation of error messages containing analytics metadata information in Apache Superset. This can allow a remote attacker to gain unauthorized access to...
PT-2024-36141 · Unknown · Blazethemes News Kit Elementor Addons
Name of the Vulnerable Software and Affected Versions: BlazeThemes News Kit Elementor Addons versions 1.2.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting (XSS). This means that an attacker c...
PT-2024-28929 · Pentaminds · Pentaminds Curovms
Name of the Vulnerable Software and Affected Versions: Pentaminds CuroVMS version 2.0.1 Description: The issue is related to exposed credentials in the software. This means that sensitive information, such as passwords or other authentication data, is not properly secured and can be accessed by...
PT-2024-36126 · Unknown · Abcbiz Addons/Templates For Elementor
Name of the Vulnerable Software and Affected Versions: ABCBiz Addons and Templates for Elementor versions 2.0.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which leads to a Stored Cross-site Scripting (XSS) vulnerability. This...
PT-2024-17556 · Guangzhou Huayi Intelligent Technology · Jeewms
Name of the Vulnerable Software and Affected Versions: Guangzhou Huayi Intelligent Technology Jeewms version 1.0.0 Description: A critical issue affects the Druid Monitoring Interface component, specifically the file /jeewms war/webpage/system/druid/index.html, leading to improper authorization...