Lucene search
+L

282 matches found

BDU FSTEC
BDU FSTEC
added 2024/12/16 12:0 a.m.8 views

The vulnerability of the Adobe Animate software for creating multimedia and computer animations, related to a countable loss of significance, allows attackers to execute arbitrary code.

The vulnerability of the Adobe Animate software for creating multimedia and computer animations is related to a countable amount of significance loss. Exploiting this vulnerability allows an attacker to execute arbitrary code...

7.8CVSS5.8AI score0.00415EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2024/11/28 9:47 a.m.16 views

CVE-2024-11082 Tumult Hype Animations <= 1.9.15 - Authenticated (Author+) Arbitrary File Upload via hypeanimations_panel Function

The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the hypeanimationspanel function in all versions up to, and including, 1.9.15. This makes it possible for authenticated attackers, with Author-level access and above, to...

9.9CVSS8AI score0.01163EPSS
Exploits0References5
OSV
OSV
added 2024/11/28 9:47 a.m.8 views

CVE-2024-11082 Tumult Hype Animations <= 1.9.15 - Authenticated (Author+) Arbitrary File Upload via hypeanimations_panel Function

The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the hypeanimationspanel function in all versions up to, and including, 1.9.15. This makes it possible for authenticated attackers, with Author-level access and above, to...

9.9CVSS7.9AI score0.01163EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/11/28 12:0 a.m.3 views

WordPress plugin Tumult Hype Animations 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in...

9.9CVSS8.6AI score0.01163EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/11/28 12:0 a.m.8 views

PT-2024-16745 · Tumult · Tumult Hype Animations

Name of the Vulnerable Software and Affected Versions: Tumult Hype Animations plugin for WordPress versions up to, and including, 1.9.15 Description: The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the hypeanimations...

9.9CVSS8.1AI score0.01163EPSS
Exploits0References12
Patchstack
Patchstack
added 2024/11/27 11:16 p.m.3 views

WordPress Tumult Hype Animations plugin <= 1.9.15 - Authenticated (Author+) Arbitrary File Upload via hypeanimations_panel Function vulnerability

Authenticated Author+ Arbitrary File Upload via hypeanimationspanel Function vulnerability discovered by vgo0 in WordPress Plugin Tumult Hype Animations versions = 1.9.15...

9.9CVSS7AI score0.01163EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/11/16 12:0 a.m.15 views

Fedora 40 : webkitgtk (2024-4d940908db)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-4d940908db advisory. Update to WebKitGTK 2.46.3: Flatten layers to a plane when preseve-3d style is set. Fix DuckDuckGo links by adding a user agent quirk. Fix several...

5.4CVSS6.6AI score0.0095EPSS
Exploits0References3
OSV
OSV
added 2024/11/06 7:15 a.m.5 views

CVE-2024-10543

The Tumult Hype Animations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hypeanimationsgetcontent function in all versions up to, and including, 1.9.14. This makes it possible for authenticated attackers, with Subscriber-level access an...

4.3CVSS5.8AI score0.003EPSS
Exploits0References2
CVE
CVE
added 2024/11/06 6:43 a.m.53 views

CVE-2024-10543

CVE-2024-10543 affects Tumult Hype Animations plugin for WordPress. The vulnerability is a missing capability check in hypeanimations_getcontent that enables authenticated users with Subscriber-level access or higher to retrieve animation data. It affects all versions up to and including 1.9.14. ...

4.3CVSS4.2AI score0.003EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/11/06 6:43 a.m.21 views

CVE-2024-10543 Tumult Hype Animations <= 1.9.14 - Missing Authorization

The Tumult Hype Animations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hypeanimationsgetcontent function in all versions up to, and including, 1.9.14. This makes it possible for authenticated attackers, with Subscriber-level access an...

4.3CVSS0.003EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/06 12:0 a.m.5 views

WordPress plugin Tumult Hype Animations 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS8AI score0.003EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/11/05 10:12 p.m.7 views

WordPress Tumult Hype Animations plugin <= 1.9.14 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin Tumult Hype Animations versions = 1.9.14...

4.3CVSS7AI score0.003EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/05 12:0 a.m.8 views

PT-2024-16357 · Tumult · Tumult Hype Animations

Name of the Vulnerable Software and Affected Versions: Tumult Hype Animations plugin for WordPress versions up to, and including, 1.9.14 Description: The issue is related to unauthorized access of data due to a missing capability check on the hypeanimations getcontent function. This allows...

4.3CVSS7AI score0.003EPSS
Exploits0References9
Patchstack
Patchstack
added 2024/11/05 12:0 a.m.16 views

WordPress Tumult Hype Animations Plugin <= 1.9.14 is vulnerable to Broken Access Control

Software Tumult Hype Animations Type Plugin Vulnerable versions = 1.9.14 Fixed in 1.9.15 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10543 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1d6ac9386f94 Credits Tieu Pham Trong Nhan...

4.3CVSS4.6AI score0.003EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/10/17 6:48 p.m.24 views

CVE-2024-49308 WordPress Animator – Scroll Triggered Animations plugin <= 3.0.15 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Toast Plugins Animator scroll-triggered-animations allows Reflected XSS.This issue affects Animator: from n/a through = 3.0.15...

7.1CVSS0.00259EPSS
Exploits0References1
Fedora
Fedora
added 2024/05/29 3:37 a.m.22 views

[SECURITY] Fedora 40 Update: qt6-qtlottie-6.7.1-1.fc40

Qt Lottie Animation provides a QML API for rendering graphics and animations that are exported in JSON format by the Bodymovin plugin for Adobe After Effects...

9.8CVSS6.3AI score0.0097EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/05/22 12:0 a.m.6 views

The vulnerability of the Adobe Animate software for creating multimedia and computer animations, related to integer overflow, allows attackers to execute arbitrary code.

The vulnerability of the Adobe Animate software for creating multimedia and computer animations is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to execute arbitrary code...

7.8CVSS5.9AI score0.00398EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/05/15 3:15 a.m.6 views

CVE-2024-3189

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Testimonial', 'Progress Bar', 'Lottie Animations', 'Row Layout', 'Google Maps', and 'Advanced Gallery' blocks in all versions up to, and including,...

5.4CVSS5.9AI score0.00409EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/05/15 2:32 a.m.25 views

CVE-2024-3189 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.37 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Testimonial', 'Progress Bar', 'Lottie Animations', 'Row Layout', 'Google Maps', and 'Advanced Gallery' blocks in all versions up to, and including,...

5.4CVSS5.8AI score0.00409EPSS
Exploits0References4
CVE
CVE
added 2024/05/15 2:32 a.m.51 views

CVE-2024-3189

CVE-2024-3189 affects Gutenberg Blocks by Kadence Blocks – Page Builder Features for WordPress. All versions ≤ 3.2.37 are vulnerable to Stored XSS via the plugin blocks (Testimonial, Progress Bar, Lottie Animations, Row Layout, Google Maps, Advanced Gallery) due to insufficient input sanitization...

5.4CVSS5.7AI score0.00409EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder