For individuals | HunCERT group

7 Jan 2025

Riasztás

Medium - CVE-2024-12719 - The WordPress File Upload plugin for WordPress...

The WordPress File Upload plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wfu_ajax_action_read_subfolders' function in all...

security-database.com

7 Jan 2025

Riasztás

NA - CVE-2024-43243 - Unrestricted Upload of File with Dangerous Type...

Unrestricted Upload of File with Dangerous Type vulnerability in ThemeGlow JobBoard Job listing allows Upload a Web Shell to a Web Server.This issue affects JobBoard Job listing: from n/a through...

security-database.com

7 Jan 2025

Riasztás

NA - CVE-2024-49222 - Deserialization of Untrusted Data vulnerability...

Deserialization of Untrusted Data vulnerability in Amento Tech Pvt ltd WPGuppy allows Object Injection.This issue affects WPGuppy: from n/a through 1.1.0.

security-database.com

7 Jan 2025

Riasztás

NA - CVE-2024-49249 - Path Traversal vulnerability in SMSA Express...

Path Traversal vulnerability in SMSA Express SMSA Shipping allows Path Traversal.This issue affects SMSA Shipping: from n/a through 2.3.

security-database.com

7 Jan 2025

Riasztás

NA - CVE-2024-49294 - Cross-Site Request Forgery (CSRF) vulnerability...

Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team Bus Ticket Booking with Seat Reservation allows Cross Site Request Forgery.This issue affects Bus Ticket Booking with Seat...

security-database.com

7 Jan 2025

Riasztás

NA - CVE-2024-49633 - Improper Neutralization of Input During Web...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Designinvento DirectoryPress allows Reflected XSS.This issue affects DirectoryPress:...

security-database.com

7 Jan 2025

Riasztás

NA - CVE-2024-49644 - Incorrect Privilege Assignment vulnerability in...

Incorrect Privilege Assignment vulnerability in AllAccessible Team Accessibility by AllAccessible allows Privilege Escalation.This issue affects Accessibility by AllAccessible: from n/a through 1.3.4.

security-database.com

7 Jan 2025

Riasztás

NA - CVE-2024-49649 - Improper Control of Filename for...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Abdul Hakeem Build App Online allows PHP Local File Inclusion.This...

security-database.com

7 Jan 2025

Riasztás

NA - CVE-2024-51651 - Missing Authorization vulnerability in CubeWP...

Missing Authorization vulnerability in CubeWP CubeWP Forms – All-in-One Form Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CubeWP Forms –...

security-database.com

7 Jan 2025

Riasztás

NA - CVE-2024-51700 - Improper Neutralization of Input During Web...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ? ?? (Minjun Kim) NAVER Analytics allows Stored XSS.This issue affects NAVER...

security-database.com

Phone:	+36 1 279 6222 9am to 4pm
E-mail:	@email
Address:	H-1111 Budapest, Kende u. 13-17.