Exploit for Improper Initialization in Linux Linux_Kernel

megaquagga-pentest-re...

Exploit for Missing Authorization in Xlplugins Nextmove

CVE-2024-25092 Exploit Overview CVE-2024-25092 is a...

Avada Theme < 7.11.14 - Unauthenticated Arbitrary Shortcode Execution

Description The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.11.13. This is due to the software allowing users to execute an action that does not properly validate a value before...

CVE-2024-11437 Timeline Designer <= 1.4 - Authenticated (Admin+) SQL Injection

The Timeline Designer plugin for WordPress is vulnerable to SQL Injection via the 's' parameter in all versions up to, and including, 1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2024-43235

Missing Authorization vulnerability in MetaBox.Io Meta Box – WordPress Custom Fields Framework allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Meta Box – WordPress Custom Fields Framework: from n/a through 5.9.10...