CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2024/09/27 6:15 a.m.•15 views

CVE-2024-8922

8.8CVSS0.00781EPSS

Cvelist•added 2024/09/27 5:31 a.m.•24 views

CVE-2024-8922 Product Enquiry for WooCommerce <= 2.2.33.33 - Authenticated (Author+) PHP Object Injection in enquiry_detail.php

8.8CVSS0.00781EPSS

Vulnrichment•added 2024/09/27 5:31 a.m.•11 views

CVE-2024-8922 Product Enquiry for WooCommerce <= 2.2.33.33 - Authenticated (Author+) PHP Object Injection in enquiry_detail.php

8.8CVSS7.2AI score0.00781EPSS

CVE•added 2024/09/27 5:31 a.m.•45 views

CVE-2024-8922

The CVE-2024-8922 entry concerns WordPress → Product Enquiry for WooCommerce plugin (versions

8.8CVSS8.8AI score0.00781EPSS

Exploits0References2Affected Software1

Patchstack•added 2024/09/27 1:25 a.m.•2 views

WordPress Product Enquiry for WooCommerce plugin <= 2.2.33.33 - Authenticated (Author+) PHP Object Injection in enquiry_detail.php vulnerability

Authenticated Author+ PHP Object Injection in enquirydetail.php vulnerability discovered by Francesco Carlucci in WordPress Plugin Product Enquiry for WooCommerce versions = 2.2.33.33...

8.8CVSS7.3AI score0.00781EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/09/27 12:0 a.m.•8 views

WordPress Product Enquiry for WooCommerce Plugin <= 2.2.33.33 is vulnerable to PHP Object Injection

Software Product Enquiry for WooCommerce Type Plugin Vulnerable versions = 2.2.33.33 Fixed in 2.2.33.34 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-8922 Patch priority Medium CVSS severity Medium 7.2 Developer Claim ownership PSID f788257a9413 Credits Francesco...

8.8CVSS6.9AI score0.00781EPSS

Positive Technologies•added 2024/09/26 12:0 a.m.•1 views

PT-2024-39323 · Woocommerce · Product Enquiry For Woocommerce

Name of the Vulnerable Software and Affected Versions: The Product Enquiry for WooCommerce versions up to, and including, 2.2.33.32 Description: The vulnerability concerns PHP Object Injection via deserialization of untrusted input in enquiry detail.php. This allows authenticated attackers with...

8.8CVSS7.7AI score0.00781EPSS

Exploits0References11

Patchstack•added 2024/09/25 6:38 a.m.•4 views

WordPress Prisna GWT - Google Website Translator plugin <= 1.4.11 - Authenticated (Admin+) PHP Object Injection vulnerability

WordPress Prisna GWT - Google Website Translator plugin = 1.4.11 - Authenticated Admin+ PHP Object Injection vulnerability discovered by Lesor101 in WordPress Plugin Prisna GWT – Google Website Translator versions = 1.4.11...

9.1CVSS7.3AI score0.00968EPSS

Exploits0References1Affected Software1

OSV•added 2024/09/25 4:15 a.m.•3 views

CVE-2024-8514

The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.11 via deserialization of untrusted input from the 'prisnaimport' parameter. This makes it possible for authenticated attackers, with Administrator-level...

7.2CVSS6AI score0.00968EPSS

NVD•added 2024/09/25 4:15 a.m.•12 views

CVE-2024-8514

9.1CVSS0.00968EPSS

Cvelist•added 2024/09/25 3:27 a.m.•21 views

CVE-2024-8514 Prisna GWT - Google Website Translator <= 1.4.11 - Authenticated (Admin+) PHP Object Injection

9.1CVSS0.00968EPSS

Vulnrichment•added 2024/09/25 3:27 a.m.•11 views

CVE-2024-8514 Prisna GWT - Google Website Translator <= 1.4.11 - Authenticated (Admin+) PHP Object Injection

9.1CVSS9.2AI score0.00968EPSS

CVE•added 2024/09/25 3:27 a.m.•52 views

CVE-2024-8514

CVE-2024-8514 : The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to authenticated PHP Object Injection via deserialization of input in the prisna_import parameter for versions up to and including 1.4.11. An attacker with Administrator-level access could inject a PHP o...

9.1CVSS8.2AI score0.00968EPSS

Patchstack•added 2024/09/25 12:0 a.m.•12 views

WordPress Prisna GWT – Google Website Translator Plugin <= 1.4.11 is vulnerable to PHP Object Injection

Software Prisna GWT – Google Website Translator Type Plugin Vulnerable versions = 1.4.11 Fixed in 1.4.12 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-8514 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID 96a1cccedfb0 Credits Lesor101 Required...

9.1CVSS6.9AI score0.00968EPSS

Positive Technologies•added 2024/09/24 12:0 a.m.•4 views

PT-2024-39066 · WordPress · Prisna Gwt – Google Website Translator

Name of the Vulnerable Software and Affected Versions: Prisna GWT – Google Website Translator plugin for WordPress versions up to, and including, 1.4.11 Description: The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object Injection via deserialization of...

9.1CVSS7.5AI score0.00968EPSS

Exploits0References13

Patchstack•added 2024/09/24 12:0 a.m.•13 views

WordPress Easy Digital Downloads Plugin <= 3.3.3 is vulnerable to PHP Object Injection

Software Easy Digital Downloads Type Plugin Vulnerable versions = 3.3.3 Fixed in 3.3.4 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2022-2439 Patch priority Low CVSS severity Low 6.6 Developer Claim ownership PSID 526dc70018f3 Credits Rasoul Jahanshahi Required privilege...

7.2CVSS6.9AI score0.00671EPSS

Patchstack•added 2024/09/13 12:0 a.m.•11 views

WordPress WP Editor Plugin <= 1.2.9 is vulnerable to PHP Object Injection

Software WP Editor Type Plugin Vulnerable versions = 1.2.9 Fixed in 1.2.9.1 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2022-2446 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID 2c7bc2d905b6 Credits Rasoul Jahanshahi Required privilege...

7.2CVSS6.9AI score0.00561EPSS