NA - CVE-2024-5961 - Improper neutralization of input during web...
Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting (XSS). An attacker might trick somebody into using a crafted...
High - CVE-2024-5995 - The notification emails sent by Soar Cloud HR...
The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. The expiration of the session is not properly configured, remaining valid for more than 7 days and can...
NA - CVE-2024-25142 - Use of Web Browser Cache Containing Sensitive...
Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of some browsers could...
NA - CVE-2024-4863 - The Gutenberg Blocks with AI by Kadence WP –...
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘titleFont’ parameter in all versions up to, and...
High - CVE-2024-5996 - The notification emails sent by Soar Cloud HR...
The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session. These emails are sent without using an encrypted transmission protocol. If an attacker intercepts the...
NA - CVE-2023-29174 - Missing Authorization vulnerability in...
Missing Authorization vulnerability in NervyThemes SKU Label Changer For WooCommerce.This issue affects SKU Label Changer For WooCommerce: from n/a through 3.0.