WordPress Spa and Salon Theme <= 1.2.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Spa and Salon Type Theme Vulnerable versions = 1.2.7 Fixed in 1.2.8 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31384 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e57c469e3394 Credits Dhabaleshwar Das...

WordPress Amelia Plugin <= 1.0.95 is vulnerable to Cross Site Request Forgery (CSRF)

Software Amelia Type Plugin Vulnerable versions = 1.0.95 Fixed in 1.0.96 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31425 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 24abe35a417b Credits Yudistira Arya Required...

WordPress Panoramic Theme <= 1.1.56 is vulnerable to Cross Site Request Forgery (CSRF)

Software Panoramic Type Theme Vulnerable versions = 1.1.56 Fixed in 1.1.57 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31386 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e5f66021e2ac Credits Dhabaleshwar Das Require...

WordPress AppPresser Plugin <= 4.3.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software AppPresser Type Plugin Vulnerable versions = 4.3.0 Fixed in 4.3.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31374 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID de5dfcfcccba Credits Mika Required privilege...

WordPress Slider Revolution Plugin <= 6.6.20 is vulnerable to Cross Site Scripting (XSS)

Software Slider Revolution Type Plugin Vulnerable versions = 6.6.20 Fixed in 6.7.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2306 Patch priority Low CVSS severity Low 5.9 Developer ThemePunch PSID 25a221b7c033 Credits wesley wcraft Nikolas - md...

WordPress AIKit Plugin <= 4.14.1 is vulnerable to SQL Injection

Software AIKit Type Plugin Vulnerable versions = 4.14.1 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-31370 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID c83bf0f61f88 Credits Ivan Spiridonov Required privilege Contributor Published 9...

编号撤回

Please is a sudo clone by ed neville personal developer. This CVE number has been withdrawn...

WordPress Post Type Builder (PTB) Plugin < 2.1.4 is vulnerable to Content Injection

Software Post Type Builder PTB Type Plugin Vulnerable versions 2.1.4 Fixed in 2.1.4 OWASP Top 10 A1: Broken Access Control Classification Content Injection CVE CVE-2024-31366 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 60019a0448c7 Credits Dave Jong Patchstack...

KLA65508 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft ODBC Driver for SQL Server can be exploited remotely to...

WordPress WP Event Aggregator Plugin <= 1.7.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Event Aggregator Type Plugin Vulnerable versions = 1.7.6 Fixed in 1.7.7 OWASP Top 10 A4: Insecure Design Classification Cross Site Request Forgery CSRF CVE CVE-2024-31371 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c79f1a6daa54 Credits Majed Refaea Required...

WordPress Image Watermark Plugin <= 1.7.3 is vulnerable to Broken Access Control

Software Image Watermark Type Plugin Vulnerable versions = 1.7.3 Fixed in 1.7.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1994 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 790ca7ba3a40 Credits Lucio Sá Required privilege...

WordPress WP-Stateless Plugin <= 3.4.0 is vulnerable to Broken Access Control

Software WP-Stateless Type Plugin Vulnerable versions = 3.4.0 Fixed in 3.4.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1385 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 12374ce1567e Credits Krzysztof Zając Required...

WordPress 5 Stars Rating Funnel Plugin <= 1.2.67 is vulnerable to Arbitrary Content Deletion

Software 5 Stars Rating Funnel Type Plugin Vulnerable versions = 1.2.67 Fixed in 1.3.02 OWASP Top 10 A1: Broken Access Control Classification Arbitrary Content Deletion CVE CVE-2024-31358 Patch priority Medium CVSS severity Medium 7.5 Developer Tobias PSID bd96c1e147ac Credits Emili Castells...

WordPress FooGallery Plugin <= 2.4.14 is vulnerable to Cross Site Scripting (XSS)

Software FooGallery Type Plugin Vulnerable versions = 2.4.14 Fixed in 2.4.15 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2471 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID ca4e1f65de9f Credits Tim Coen Required privilege...

WordPress EmbedPress Plugin <= 3.9.14 is vulnerable to Cross Site Scripting (XSS)

Software EmbedPress Type Plugin Vulnerable versions = 3.9.14 Fixed in 3.9.15 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3244 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 41b83bc25a78 Credits wesley wcraft Required...

WordPress Sydney Toolbox Plugin <= 1.28 is vulnerable to Cross Site Scripting (XSS)

Software Sydney Toolbox Type Plugin Vulnerable versions = 1.28 Fixed in 1.29 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3208 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 891857493b6c Credits wesley wcraft Required...

WordPress Bannerlid Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software Bannerlid Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3048 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID febfae6c0eaf Credits Bob Matyas Required...

WordPress Premmerce Product Filter for WooCommerce Plugin <= 3.7.2 is vulnerable to Broken Access Control

Software Premmerce Product Filter for WooCommerce Type Plugin Vulnerable versions = 3.7.2 Fixed in 3.7.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31359 Patch priority Low CVSS severity Low 4.3 Developer Premmerce PSID 053807f2d4c0 Credits Dhabaleshw...

WordPress User Activity Log Plugin <= 1.9 is vulnerable to SQL Injection

Software User Activity Log Type Plugin Vulnerable versions = 1.9 Fixed in 2.0 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-31356 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 35f222cae91f Credits Muhammad Daffa Required privilege Administrator...

WordPress Hello Elementor Theme <= 3.0.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Hello Elementor Type Theme Vulnerable versions = 3.0.0 Fixed in 3.0.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31289 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8b6c120716f6 Credits Dhabaleshwar Das...