Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-31302 |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodePeople Contact Form Email.This issue affects Contact Form Email: from n/a through 1.3.44. Published: April 10, 2024; 12:15:14 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31298 |
Insertion of Sensitive Information into Log File vulnerability in Joel Hardi User Spam Remover.This issue affects User Spam Remover: from n/a through 1.0. Published: April 10, 2024; 12:15:14 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31297 |
Missing Authorization vulnerability in WPExperts Wholesale For WooCommerce.This issue affects Wholesale For WooCommerce: from n/a through 2.3.0. Published: April 10, 2024; 12:15:14 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31287 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Max Foundry Media Library Folders.This issue affects Media Library Folders: from n/a through 8.1.8. Published: April 10, 2024; 12:15:13 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31282 |
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Appcheap.Io App Builder.This issue affects App Builder: from n/a through 3.8.7. Published: April 10, 2024; 12:15:13 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31278 |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons for Elementor.This issue affects Premium Addons for Elementor: from n/a through 4.10.22. Published: April 10, 2024; 12:15:13 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31259 |
Insertion of Sensitive Information into Log File vulnerability in Searchiq SearchIQ.This issue affects SearchIQ: from n/a through 4.5. Published: April 10, 2024; 12:15:13 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31254 |
Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7. Published: April 10, 2024; 12:15:13 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31253 |
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP OAuth Server OAuth Server.This issue affects OAuth Server: from n/a through 4.3.3. Published: April 10, 2024; 12:15:12 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31249 |
Insertion of Sensitive Information into Log File vulnerability in WPKube Subscribe To Comments Reloaded.This issue affects Subscribe To Comments Reloaded: from n/a through 220725. Published: April 10, 2024; 12:15:12 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31247 |
Insertion of Sensitive Information into Log File vulnerability in Frédéric GILLES FG Drupal to WordPress.This issue affects FG Drupal to WordPress: from n/a through 3.70.3. Published: April 10, 2024; 12:15:12 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31245 |
Insertion of Sensitive Information into Log File vulnerability in ConvertKit.This issue affects ConvertKit: from n/a through 2.4.5. Published: April 10, 2024; 12:15:12 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31240 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in InfoTheme WP Poll Maker.This issue affects WP Poll Maker: from n/a through 3.1. Published: April 10, 2024; 12:15:12 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-23735 |
Cross Site Scripting (XSS) vulnerability in in the S/MIME certificate upload functionality of the User Profile pages in savignano S/Notify before 4.0.0 for Confluence allows attackers to manipulate user data via specially crafted certificate. Published: April 10, 2024; 12:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-23734 |
Cross Site Request Forgery vulnerability in in the upload functionality of the User Profile pages in savignano S/Notify before 2.0.1 for Bitbucket allow attackers to replace S/MIME certificate or PGP keys for arbitrary users via crafted link. Published: April 10, 2024; 12:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0218 |
A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian, caused by improper input validation in certain fields used in the Radius parsing functionality of our IDS, allows an unauthenticated attacker sending specially crafted malformed network packets to cause the IDS module to stop updating nodes, links, and assets. Network traffic may not be analyzed until the IDS module is restarted. Published: April 10, 2024; 12:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-6916 |
Audit records for OpenAPI requests may include sensitive information. This could lead to unauthorized accesses and privilege escalation. Published: April 10, 2024; 12:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3567 |
A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition. Published: April 10, 2024; 11:16:05 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29296 |
A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not. Published: April 10, 2024; 11:16:05 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-27477 |
In Leantime 3.0.6, a Cross-Site Scripting vulnerability exists within the ticket creation and modification functionality, allowing attackers to inject malicious JavaScript code into the title field of tickets (also known as to-dos). This stored XSS vulnerability can be exploited to perform Server-Side Request Forgery (SSRF) attacks. Published: April 10, 2024; 11:16:04 AM -0400 |
V3.x:(not available) V2.0:(not available) |