Riasztások
2024. dec. 6.
Medium - CVE-2024-4633 - The Slider and Carousel slider by Depicter...
The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘addExtraMimeType’ function in versions up to, and including, 3.2.1 due to...
2024. dec. 6.
NA - CVE-2024-51615 - Improper Neutralization of Special Elements...
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Owen Cutajar & Hyder Jaffari WordPress Auction Plugin allows SQL Injection.This issue...
2024. dec. 6.
NA - CVE-2024-51815 - Improper Control of Generation of Code...
Improper Control of Generation of Code ('Code Injection') vulnerability in WP Sharks s2Member Pro allows Code Injection.This issue affects s2Member Pro: from n/a through 241114.
2024. dec. 6.
Critical - CVE-2024-52335 - A vulnerability has been identified in...
A vulnerability has been identified in syngo.plaza VB30E (All versions < VB30E_HF05). The affected application do not properly sanitize input data before sending it to the SQL server. This could...
2024. dec. 6.
NA - CVE-2024-53794 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LOOS,Inc. Arkhe Blocks allows Stored XSS.This issue affects Arkhe Blocks: from n/a...
2024. dec. 6.
NA - CVE-2024-53795 - Missing Authorization vulnerability in Andy...
Missing Authorization vulnerability in Andy Moyle Church Admin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Church Admin: from n/a through 5.0.8.
2024. dec. 6.
NA - CVE-2024-53796 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themesflat Themesflat Addons For Elementor allows DOM-Based XSS.This issue affects...
2024. dec. 6.
NA - CVE-2024-53797 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Stored XSS.This issue affects Beaver...
2024. dec. 6.
NA - CVE-2024-53799 - Missing Authorization vulnerability in BAKKBONE...
Missing Authorization vulnerability in BAKKBONE Australia FloristPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FloristPress: from n/a through 7.3.0.
2024. dec. 6.
NA - CVE-2024-53801 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder:...