Lucene search
K

213680 matches found

Prion
Prion
•added 2024/12/31 1:15 p.m.•8 views

CVE-2024-56205

Incorrect Privilege Assignment vulnerability in AI Magic allows Privilege Escalation.This issue affects AI Magic: from n/a through 1.0.4...

0.00609EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 1:15 p.m.•11 views

CVE-2024-56031

Missing Authorization vulnerability in Yulio Aleman Jimenez Smart Shopify Product allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Shopify Product: from n/a through 1.0.2...

0.0036EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 1:15 p.m.•12 views

CVE-2024-56039

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VibeThemes VibeBP allows SQL Injection.This issue affects VibeBP: from n/a before 1.9.9.7.7...

0.00598EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 1:15 p.m.•15 views

CVE-2024-56071

Incorrect Privilege Assignment vulnerability in Mike Leembruggen Simple Dashboard allows Privilege Escalation.This issue affects Simple Dashboard: from n/a through 2.0...

0.00609EPSS
Exploits1References1
Prion
Prion
•added 2024/12/31 1:15 p.m.•11 views

CVE-2024-56068

Deserialization of Untrusted Data vulnerability in Azzaroco WP SuperBackup.This issue affects WP SuperBackup: from n/a through 2.3.3...

0.00426EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 1:15 p.m.•11 views

CVE-2024-55991

Missing Authorization vulnerability in WP-CRM WP-CRM System allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through 3.2.9.1...

0.00334EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 1:15 p.m.•11 views

CVE-2024-56046

Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through 1.9.9...

0.00743EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 1:15 p.m.•18 views

CVE-2023-50850

Missing Authorization vulnerability in Woo WooCommerce Subscriptions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Subscriptions: from n/a before 5.8.0...

0.00359EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 1:15 p.m.•39 views

CVE-2024-56042

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3...

0.00688EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 1:15 p.m.•14 views

CVE-2024-56041

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VibeThemes VibeBP allows SQL Injection.This issue affects VibeBP: from n/a before 1.9.9.5.1...

0.00479EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 1:15 p.m.•17 views

CVE-2024-56067

Missing Authorization vulnerability in Azzaroco WP SuperBackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/a through 2.3.3...

0.10034EPSS
Exploits2References1
Prion
Prion
•added 2024/12/31 1:15 p.m.•14 views

CVE-2023-48775

Missing Authorization vulnerability in Gfazioli WP Cleanfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cleanfix: from n/a through 5.6.2...

0.00369EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 1:15 p.m.•53 views

CVE-2024-56064

Unrestricted Upload of File with Dangerous Type vulnerability in Azzaroco WP SuperBackup allows Upload a Web Shell to a Web Server.This issue affects WP SuperBackup: from n/a through 2.3.3...

0.14488EPSS
Exploits2References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•16 views

CVE-2024-56217

Missing Authorization vulnerability in W3 Eden, Inc. Download Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Download Manager: from n/a through 3.3.03...

0.00279EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•14 views

CVE-2024-56225

Missing Authorization vulnerability in Leap13 Premium Addons for Elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Premium Addons for Elementor: from n/a through 4.10.56...

0.003EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•8 views

CVE-2024-56256

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Andy Fragen Embed PDF Viewer allows Stored XSS.This issue affects Embed PDF Viewer: from n/a through 2.3.1...

0.00231EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•14 views

CVE-2024-56215

Missing Authorization vulnerability in Stephen Sherrard Member Directory and Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Member Directory and Contact Form: from n/a through 1.7.0...

0.00251EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•11 views

CVE-2024-56235

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Coupon Plugin Coupon allows DOM-Based XSS.This issue affects Coupon: from n/a through 1.2.1...

0.00226EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•10 views

CVE-2024-56210

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DeluxeThemes Userpro allows Reflected XSS.This issue affects Userpro: from n/a through 5.1.9...

0.0027EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•12 views

CVE-2024-56224

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ledenbeheer allows Stored XSS.This issue affects Ledenbeheer: from n/a through 2.1.0...

0.00226EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•8 views

CVE-2024-56221

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elicus WPMozo Addons Lite for Elementor allows Stored XSS.This issue affects WPMozo Addons Lite for Elementor: from n/a through 1.2.0...

0.00226EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•13 views

CVE-2024-56226

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Royal Royal Elementor Addons allows Reflected XSS.This issue affects Royal Elementor Addons: from n/a through 1.7.1001...

0.00275EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•11 views

CVE-2024-56265

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPWeb WooCommerce PDF Vouchers allows Reflected XSS.This issue affects WooCommerce PDF Vouchers: from n/a before 4.9.9...

0.00275EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•8 views

CVE-2024-56233

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kinhelios Kintpv Wooconnect allows Stored XSS.This issue affects Kintpv Wooconnect: from n/a through 8.129...

0.00255EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•9 views

CVE-2024-56209

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SeventhQueen Kleo allows Reflected XSS.This issue affects Kleo: from n/a before 5.4.4...

0.0027EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•13 views

CVE-2024-56219

Missing Authorization vulnerability in MarketingFire Widget Options allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Widget Options: from n/a through 4.0.6.1...

0.00333EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•16 views

CVE-2024-56227

Missing Authorization vulnerability in WP Royal Royal Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Royal Elementor Addons: from n/a through 1.7.1001...

0.00275EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•13 views

CVE-2024-56231

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Debuggers Studio SaasPricing allows DOM-Based XSS.This issue affects SaasPricing: from n/a through 1.1.4...

0.00226EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•10 views

CVE-2024-56228

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPFactory Wishlist for WooCommerce: Multi Wishlists Per Customer allows Reflected XSS.This issue affects Wishlist for WooCommerce: Multi Wishlists Per Customer: from n/a through 3.1.2...

0.0027EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•8 views

CVE-2024-56234

Missing Authorization vulnerability in VW THEMES VW Automobile Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Automobile Lite: from n/a through 2.1...

0.00305EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 11:15 a.m.•10 views

CVE-2024-56223

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fahad Mahmood Gulri Slider allows Reflected XSS.This issue affects Gulri Slider: from n/a through 3.5.8...

0.0027EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 10:15 a.m.•15 views

CVE-2024-56216

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Themify Themify Builder allows PHP Local File Inclusion.This issue affects Themify Builder: from n/a through 7.6.3...

0.00449EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 10:15 a.m.•11 views

CVE-2024-56229

Cross-Site Request Forgery CSRF vulnerability in Searchiq SearchIQ.This issue affects SearchIQ: from n/a through 4.6...

0.00166EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 10:15 a.m.•11 views

CVE-2024-56218

Cross-Site Request Forgery CSRF vulnerability in AuRise Creative, SevenSpark Contact Form 7 Dynamic Text Extension allows Cross Site Request Forgery.This issue affects Contact Form 7 Dynamic Text Extension: from n/a through 5.0.1...

0.00147EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 10:15 a.m.•16 views

CVE-2024-56213

Path Traversal: '.../...//' vulnerability in Themewinter Eventin allows Path Traversal.This issue affects Eventin: from n/a through 4.0.7...

0.00555EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 10:15 a.m.•12 views

CVE-2024-56230

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Dynamic Web Lab Dynamic Product Category Grid, Slider for WooCommerce allows PHP Local File Inclusion.This issue affects Dynamic Product Category Grid, Slider for WooCommerce: fr...

0.00534EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 10:15 a.m.•8 views

CVE-2024-56232

Cross-Site Request Forgery CSRF vulnerability in Alexander Volkov WP Nice Loader allows Stored XSS.This issue affects WP Nice Loader: from n/a through 0.1.0.4...

0.00149EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 10:15 a.m.•11 views

CVE-2024-56212

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in DeluxeThemes Userpro.This issue affects Userpro: from n/a through 5.1.9...

0.00377EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 10:15 a.m.•7 views

CVE-2024-56214

Path Traversal: '.../...//' vulnerability in DeluxeThemes Userpro allows Path Traversal.This issue affects Userpro: from n/a through 5.1.9...

0.00414EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 10:15 a.m.•9 views

CVE-2024-56211

Missing Authorization vulnerability in DeluxeThemes Userpro.This issue affects Userpro: from n/a through 5.1.9...

0.00423EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 10:15 a.m.•14 views

CVE-2024-56222

Cross-Site Request Forgery CSRF vulnerability in Codebard CodeBard Help Desk allows Cross Site Request Forgery.This issue affects CodeBard Help Desk: from n/a through 1.1.1...

0.0016EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 10:15 a.m.•11 views

CVE-2024-56220

Incorrect Privilege Assignment vulnerability in SSL Wireless SSL Wireless SMS Notification allows Privilege Escalation.This issue affects SSL Wireless SMS Notification: from n/a through 3.5.0...

0.00451EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 9:15 a.m.•14 views

CVE-2024-49422

Protection Mechanism Failure in bootloader prior to SMR Oct-2024 Release 1 allows physical attackers to reset lockscreen failure count by hardware fault injection. User interaction is required for triggering this vulnerability...

0.00194EPSS
Exploits0References1
Prion
Prion
•added 2024/12/31 3:15 a.m.•15 views

CVE-2024-45497

A flaw was found in the OpenShift build process, where the docker-build container is configured with a hostPath volume mount that maps the node's /var/lib/kubelet/config.json file into the build pod. This file contains sensitive credentials necessary for pulling images from private repositories...

7.6CVSS0.00548EPSS
Exploits0References2
Prion
Prion
•added 2024/12/31 2:15 a.m.•11 views

CVE-2024-12839

The login mechanism via device authentication of CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability. If a user visits a forged website, the agent program deployed on their device will send an authentication signature to the website. An unauthenticated remote...

8.8CVSS0.00687EPSS
Exploits0References2
Prion
Prion
•added 2024/12/31 2:15 a.m.•7 views

CVE-2024-12838

The passwordless login mechanism in CGFIDO from Changing Information Technology has an Authentication Bypass vulnerability, allowing remote attackers with regular privileges to send a crafted request to switch to the identity of any user, including administrators...

8.8CVSS0.00726EPSS
Exploits0References2
Prion
Prion
•added 2024/12/31 2:15 a.m.•9 views

CVE-2024-13040

The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key vulnerability. By controlling the user ID parameter, remote attackers with regular privileges could access certain features as any user, modify any user's account information and privileges, leading to...

8.8CVSS0.00463EPSS
Exploits0References2
Prion
Prion
•added 2024/12/30 10:15 p.m.•11 views

CVE-2024-13058

An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem. This issue only impacts SoftIron HyperCloud and related software products such ...

0.00417EPSS
Exploits0References1
Prion
Prion
•added 2024/12/30 9:15 p.m.•9 views

CVE-2024-11946

iXsystems TrueNAS CORE fetchpluginpackagesites tar Cleartext Transmission of Sensitive Information Vulnerability. This vulnerability allows network-adjacent attackers to tamper with firmware update files on affected installations of iXsystems TrueNAS devices. Authentication is not required to...

0.00292EPSS
Exploits0References2
Prion
Prion
•added 2024/12/30 9:15 p.m.•11 views

CVE-2024-12753

Foxit PDF Reader Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PDF Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to explo...

0.00278EPSS
Exploits0References2
Total number of security vulnerabilities213680