CVE-2023-51672

CVE-2023-51672 affects FunnelKit Checkout (WordPress plugin). The issue is Unauthenticated Arbitrary Content Deletion (arbitrary post/page deletion) due to missing authorization, affecting FunnelKit Checkout versions up to and including 3.10.3. The CVSS 3.1 base score is 7.5 (HIGH) with network a...

CVE-2024-29019

CVE-2024-29019 affects ESPHome’s dashboard API (version 2023.12.9 and prior) and is due to a CSRF flaw that lets a logged-in user’s session perform operations on configuration files if the victim visits a weaponized page. The issue enables bypassing authentication for API calls that manipulate co...

CVE-2024-27966

CVE-2024-27966 is a stored XSS in the WordPress plugin “Quiz And Survey Master” (ExpressTech) affecting versions up to 8.2.2. The root cause is improper neutralization of input during web page generation, enabling stored cross-site scripting when used by authenticated users. Wordfence/RedHat/NVD ...

CVE-2024-27967

CVE-2024-27967 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the plugin “DSGVO All in one for WP” by Michael Leithold. The vulnerability affects versions from n/a up to 4.3. The NVD metrics indicate a high-severity impact (CVSS v3.1: 8.8, HIGH) with network attack vector, no priv...

CVE-2024-27969

CVE-2024-27969 affects the Free Downloads WooCommerce WordPress plugin (Free Downloads WooCommerce) and is a Stored XSS vulnerability. It impacts Free Downloads WooCommerce versions up to 3.5.8.2 and arises from improper input neutralization during web page generation. Public sources in the Conne...

CVE-2024-27985

CVE-2024-27985 : Deserialization of untrusted data in PropertyHive (WordPress) allows PHP Object Injection in versions up to 2.0.9 (authenticated as Subscriber+). Impact details per CVSS: 8.8 (HIGH) with network attack vector, no user interaction required; affects confidentiality, integrity, and ...

CVE-2024-27988

CVE-2024-27988 affects the WordPress plugin WEN Responsive Columns (

CVE-2024-27989

CVE-2024-27989 is a Cross‑site Scripting vulnerability in the WordPress plugin WP Responsive Tabs horizontal, vertical, and accordion Tabs. Multiple connected sources confirm a stored XSS flaw arising from improper neutralization of input during web page generation, affecting the plugin’s tab com...

CVE-2024-27991

CVE-2024-27991 affects the WordPress plugin SupportCandy (up to version 3.2.3). The issue is a Stored XSS caused by improper input neutralization during web page generation. Impact is stored XSS on affected pages; patch is available in 3.2.3 (upgrade to 3.2.3 or later). Other sources (Red Hat, NV...

CVE-2022-21698 affecting package node-problem-detector for versions less than 0.8.15-1

CVE-2022-21698 affecting package node-problem-detector for versions less than 0.8.15-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-29526 affecting package node-problem-detector for versions less than 0.8.15-1

CVE-2022-29526 affecting package node-problem-detector for versions less than 0.8.15-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-32149 affecting package node-problem-detector for versions less than 0.8.15-1

CVE-2022-32149 affecting package node-problem-detector for versions less than 0.8.15-1. An upgraded version of the package is available that resolves this issue...

CVE-2021-44716 affecting package node-problem-detector for versions less than 0.8.15-1

CVE-2021-44716 affecting package node-problem-detector for versions less than 0.8.15-1. An upgraded version of the package is available that resolves this issue...

Unable to delete versions of vdisks after creating a new merged base

Unable to delete previous versions of a vdisk after merging to a new base. No Target devices were using those versions but Delete was greyed out...

IBM CICS TX Standard and Advanced suffers from a cryptographic problem vulnerability (CNVD-2024-15366)

IBM CICS TX Standardand Advanced is a comprehensive, single transaction runtime package from International Business Machines IBM, Inc. It can provide a cloud-native deployment model for standalone applications. IBM CICS TX Standard and Advanced has a cryptographic issue vulnerability that stems...

CVE-2024-28418

RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...

CVE-2024-28383

RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...

CVE-2024-27986

RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...

CVE-2024-25650

RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...

CVE-2024-25649

RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided...