Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-31873 |
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 contains hard-coded credentials which it uses for its own inbound authentication that could be obtained by a malicious actor. IBM X-Force ID: 287317. Published: April 10, 2024; 12:15:15 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31872 |
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to conduct a man in the middle attack when deploying Open Source scripts due to missing certificate validation. IBM X-Force ID: 287316. Published: April 10, 2024; 12:15:15 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31871 |
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 could allow a malicious actor to conduct a man in the middle attack when deploying Python scripts due to improper certificate validation. IBM X-Force ID: 287306. Published: April 10, 2024; 12:15:15 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31358 |
Missing Authorization vulnerability in Saleswonder.Biz 5 Stars Rating Funnel.This issue affects 5 Stars Rating Funnel: from n/a through 1.2.67. Published: April 10, 2024; 12:15:14 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31353 |
Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8. Published: April 10, 2024; 12:15:14 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31302 |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodePeople Contact Form Email.This issue affects Contact Form Email: from n/a through 1.3.44. Published: April 10, 2024; 12:15:14 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31298 |
Insertion of Sensitive Information into Log File vulnerability in Joel Hardi User Spam Remover.This issue affects User Spam Remover: from n/a through 1.0. Published: April 10, 2024; 12:15:14 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31297 |
Missing Authorization vulnerability in WPExperts Wholesale For WooCommerce.This issue affects Wholesale For WooCommerce: from n/a through 2.3.0. Published: April 10, 2024; 12:15:14 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31287 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Max Foundry Media Library Folders.This issue affects Media Library Folders: from n/a through 8.1.8. Published: April 10, 2024; 12:15:13 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31282 |
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Appcheap.Io App Builder.This issue affects App Builder: from n/a through 3.8.7. Published: April 10, 2024; 12:15:13 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31278 |
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons for Elementor.This issue affects Premium Addons for Elementor: from n/a through 4.10.22. Published: April 10, 2024; 12:15:13 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31259 |
Insertion of Sensitive Information into Log File vulnerability in Searchiq SearchIQ.This issue affects SearchIQ: from n/a through 4.5. Published: April 10, 2024; 12:15:13 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31254 |
Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7. Published: April 10, 2024; 12:15:13 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31253 |
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP OAuth Server OAuth Server.This issue affects OAuth Server: from n/a through 4.3.3. Published: April 10, 2024; 12:15:12 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31249 |
Insertion of Sensitive Information into Log File vulnerability in WPKube Subscribe To Comments Reloaded.This issue affects Subscribe To Comments Reloaded: from n/a through 220725. Published: April 10, 2024; 12:15:12 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31247 |
Insertion of Sensitive Information into Log File vulnerability in Frédéric GILLES FG Drupal to WordPress.This issue affects FG Drupal to WordPress: from n/a through 3.70.3. Published: April 10, 2024; 12:15:12 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31245 |
Insertion of Sensitive Information into Log File vulnerability in ConvertKit.This issue affects ConvertKit: from n/a through 2.4.5. Published: April 10, 2024; 12:15:12 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-31240 |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in InfoTheme WP Poll Maker.This issue affects WP Poll Maker: from n/a through 3.1. Published: April 10, 2024; 12:15:12 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-23735 |
Cross Site Scripting (XSS) vulnerability in in the S/MIME certificate upload functionality of the User Profile pages in savignano S/Notify before 4.0.0 for Confluence allows attackers to manipulate user data via specially crafted certificate. Published: April 10, 2024; 12:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-23734 |
Cross Site Request Forgery vulnerability in in the upload functionality of the User Profile pages in savignano S/Notify before 2.0.1 for Bitbucket allow attackers to replace S/MIME certificate or PGP keys for arbitrary users via crafted link. Published: April 10, 2024; 12:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |