27 Jul 2024
Riasztás
NA - CVE-2024-42029 - xdg-desktop-portal-hyprland (aka an XDG Desktop...
xdg-desktop-portal-hyprland (aka an XDG Desktop Portal backend for Hyprland) before 1.3.3 allows OS command execution, e.g., because single quotes are not used when sending a list of app IDs and...
Read more
27 Jul 2024
Riasztás
Medium - CVE-2024-6661 - The ParityPress – Parity Pricing with Discount...
The ParityPress – Parity Pricing with Discount Rules plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'Discount Text' in all versions up to, and including, 1.0.0 due...
Read more
27 Jul 2024
Riasztás
NA - CVE-2024-6634 - The Master Currency WP plugin for WordPress is...
The Master Currency WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's currencyconverterform shortcode in all versions up to, and including, 1.1.61 due to...
Read more
27 Jul 2024
Riasztás
Medium - CVE-2024-6591 - The Ultimate WordPress Auction Plugin plugin...
The Ultimate WordPress Auction Plugin plugin for WordPress is vulnerable to unauthorized email creation and sending due to a missing capability check on the 'send_auction_email_callback'...
Read more
27 Jul 2024
Riasztás
Medium - CVE-2024-6573 - The Intelligence plugin for WordPress is...
The Intelligence plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.4.0. This is due the plugin not preventing direct access to the...
Read more
27 Jul 2024
Riasztás
Medium - CVE-2024-6566 - The Aramex Shipping WooCommerce plugin for...
The Aramex Shipping WooCommerce plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.1.21. This is due the plugin not preventing direct access to the...
Read more