NA - CVE-2024-12927 - A vulnerability, which was classified as...
A vulnerability, which was classified as critical, has been found in 1000 Projects Attendance Tracking Management System 1.0. Affected by this issue is some unknown functionality of the file...
High - CVE-2024-12582 - A flaw was found in the skupper console, a...
A flaw was found in the skupper console, a read-only interface that renders cluster network, traffic details, and metrics for a network application that a user sets up across a hybrid multi-cloud...
High - CVE-2024-47515 - A vulnerability was found in Pagure. Support of...
A vulnerability was found in Pagure. Support of symbolic links during repository archiving of repositories allows the disclosure of local files. This flaw allows a malicious user to take advantage...
Medium - CVE-2024-9427 - A vulnerability in Koji was found. An...
A vulnerability in Koji was found. An unsanitized input allows for an XSS attack. Javascript code from a malicious link could be reflected in the resulting web page. It is not expected to be able...
Medium - CVE-2024-12266 - The ELEX WooCommerce Dynamic Pricing and...
The ELEX WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the elex_dp_export_rules() and...
Medium - CVE-2024-12507 - The Optio Dentistry plugin for WordPress is...
The Optio Dentistry plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'optio-lightbox' shortcode in all versions up to, and including, 2.1 due to...
Medium - CVE-2024-12518 - The ShMapper by Teplitsa plugin for WordPress...
The ShMapper by Teplitsa plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shmMap' shortcode in all versions up to, and including, 1.4.18 due to...
Medium - CVE-2024-12617 - The WC Price History for Omnibus plugin for...
The WC Price History for Omnibus plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX actions in all versions up to, and including, 2.1.3....
Medium - CVE-2024-12710 - The WP-Appbox plugin for WordPress is...
The WP-Appbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 4.5.3 due to insufficient input...
Medium - CVE-2024-11885 - The NinjaTeam Chat for Telegram plugin for...
The NinjaTeam Chat for Telegram plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'njtele_button shortcode in all versions up to, and including, 1.0 due...