Lucene search
K

156 matches found

Vulnrichment
Vulnrichment
added 2024/10/18 5:32 p.m.44 views

CVE-2024-9593 Time Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Unauthenticated (Limited) Remote Code Execution

The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 for Time Clock and 1.1.4 for Time Clock Pro via the 'etimeclockwploadfunctioncallback' function. This allows unauthenticated attackers to execute code on t...

8.3CVSS8AI score0.12491EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/10/18 5:32 p.m.31 views

CVE-2024-9593 Time Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Unauthenticated (Limited) Remote Code Execution

The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 for Time Clock and 1.1.4 for Time Clock Pro via the 'etimeclockwploadfunctioncallback' function. This allows unauthenticated attackers to execute code on t...

8.3CVSS0.12491EPSS
Exploits1References3
CVE
CVE
added 2024/10/18 5:32 p.m.94 views

CVE-2024-9593

CVE-2024-9593 affects WordPress plugins Time Clock (&lt;= 1.2.2) and Time Clock Pro (

8.3CVSS8.7AI score0.12491EPSS
In wildExploits1References3Affected Software1
GithubExploit
GithubExploit
added 2024/10/18 9:11 a.m.84 views

Exploit for Code Injection in Wpplugin Time_Clock

CVE-2024-9593 Time Clock = 1.2.2 & Time Clock Pro...

8.3CVSS9.9AI score0.12491EPSS
Exploits1
Patchstack
Patchstack
added 2024/10/18 5:54 a.m.11 views

WordPress Time Clock Pro plugin <= 1.1.4 - Unauthenticated (Limited) Remote Code Execution vulnerability

Unauthenticated Limited Remote Code Execution vulnerability discovered by István Márton in WordPress Plugin Time Clock Pro versions = 1.1.4...

8.3CVSS7.5AI score0.12491EPSS
Exploits1References1Affected Software1
Patchstack
Patchstack
added 2024/10/18 5:53 a.m.12 views

WordPress Time Clock plugin <= 1.2.2 - Unauthenticated (Limited) Remote Code Execution vulnerability

Unauthenticated Limited Remote Code Execution vulnerability discovered by István Márton in WordPress Plugin Time Clock versions = 1.2.2...

8.3CVSS7.5AI score0.12491EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/10/18 12:0 a.m.7 views

WordPress plugin Time Clock plugin and Time Clock Pro 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code injection vulnerability exis...

8.3CVSS8.1AI score0.12491EPSS
Exploits1References4
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.27 views

WordPress Time Clock Plugin <= 1.2.2 is vulnerable to Remote Code Execution (RCE)

Software Time Clock Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.3 OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-9593 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID ba1ac64c553d Credits István Márton Required privilege...

8.3CVSS7.3AI score0.12491EPSS
Exploits1References3Affected Software1
Patchstack
Patchstack
added 2024/10/18 12:0 a.m.21 views

WordPress Time Clock Pro Plugin <= 1.1.4 is vulnerable to Remote Code Execution (RCE)

Software Time Clock Pro Type Plugin Vulnerable versions = 1.1.4 Fixed in 1.1.5 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2024-9593 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID 9837dd0a77ff Credits István Márton Required privilege...

8.3CVSS7.2AI score0.12491EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/10/07 12:0 a.m.10 views

PT-2024-9994 · WordPress · Time Clock +1

Name of the Vulnerable Software and Affected Versions: Time Clock plugin versions up to 1.2.2 Time Clock Pro plugin versions up to 1.1.4 Description: The issue concerns the etimeclockwp load function callback function, which is related to improper management of code generation. This allows...

8.3CVSS8.3AI score0.12491EPSS
Exploits1References17
OSV
OSV
added 2024/09/04 7:15 p.m.3 views

DEBIAN-CVE-2024-44953

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix deadlock during RTC update There is a deadlock when runtime suspend waits for the flush of RTC work, and the RTC work calls ufshcdrpmgetsync to wait for runtime resume. Here is deadlock backtrace: kworker/0:1...

5.5CVSS5.6AI score0.00164EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/04 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a deadlock during an update RTC in the scsi: ufs component...

5.5CVSS6.7AI score0.00164EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.4 views

kernel: rtc: class: Fix potential memleak in devm_rtc_allocate_device()

In the Linux kernel, the following vulnerability has been resolved: rtc: class: Fix potential memleak in devmrtcallocatedevice devmrtcallocatedevice will alloc a rtcdevice first, and then run devsetname. If devsetname failed, the rtcdevice will memleak. Move devmaddactionorreset in front of...

5.5CVSS6.8AI score0.00143EPSS
Exploits0References5
NVD
NVD
added 2023/04/23 10:15 a.m.15 views

CVE-2022-44594

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Codebangers All in One Time Clock Lite plugin = 1.3.320 versions...

4.8CVSS4.8AI score0.00392EPSS
Exploits0References1
OSV
OSV
added 2023/04/23 10:15 a.m.5 views

CVE-2022-44594

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Codebangers All in One Time Clock Lite plugin = 1.3.320 versions...

4.8CVSS5.8AI score0.00392EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/04/23 9:2 a.m.17 views

CVE-2022-44594 WordPress All in One Time Clock Lite Plugin <= 1.3.320 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Codebangers All in One Time Clock Lite plugin = 1.3.320 versions...

4.8CVSS5.1AI score0.00392EPSS
Exploits0References1
CVE
CVE
added 2023/04/23 9:2 a.m.34 views

CVE-2022-44594

Codebangers All in One Time Clock Lite plugin for WordPress is affected by a Stored XSS vulnerability in versions prior to 1.3.321 (the CVE-2022-44594 family). Exploitation concerns admin users (administrative privilege level). Mitigation: upgrade to version 1.3.321 or later to fix the issue. If ...

4.8CVSS4.8AI score0.00392EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/23 12:0 a.m.5 views

PT-2023-14514 · Codebangers · Codebangers All In One Time Clock Lite

Name of the Vulnerable Software and Affected Versions: Codebangers All in One Time Clock Lite plugin versions prior to 1.3.321 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that affects administrative users. This type of vulnerability allows an attacker to...

4.8CVSS4.7AI score0.00392EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/04/23 12:0 a.m.3 views

WordPress Plugin All in One Time Clock Lite 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

4.8CVSS5AI score0.00392EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.6 views

PT-2023-33537 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.17 Description: A function prototype mismatch was found in the msc313 rtc probe function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior...

7.3AI score
Exploits0References1
Rows per page
Query Builder