Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-32947 |
Cross-Site Request Forgery (CSRF) vulnerability in AlumniOnline Web Services LLC WP ADA Compliance Check Basic.This issue affects WP ADA Compliance Check Basic: from n/a through 3.1.3. Published: April 24, 2024; 11:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32872 |
Umbraco workflow provides workflows for the Umbraco content management system. Prior to versions 10.3.9, 12.2.6, and 13.0.6, an Umbraco Backoffice user can modify requests to a particular API endpoint to include SQL, which will be executed by the server. Umbraco Workflow versions 10.3.9, 12.2.6, 13.0.6, as well as Umbraco Plumber version 10.1.2, contain a patch for this issue. Published: April 24, 2024; 11:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32806 |
Cross-Site Request Forgery (CSRF) vulnerability in CoSchedule Headline Analyzer.This issue affects Headline Analyzer: from n/a through 1.3.3. Published: April 24, 2024; 11:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32795 |
Cross-Site Request Forgery (CSRF) vulnerability in Revmakx WPCal.Io – Easy Meeting Scheduler.This issue affects WPCal.Io – Easy Meeting Scheduler: from n/a through 0.9.5.8. Published: April 24, 2024; 11:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32794 |
Cross-Site Request Forgery (CSRF) vulnerability in Paid Memberships Pro.This issue affects Paid Memberships Pro: from n/a through 2.12.10. Published: April 24, 2024; 11:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32793 |
Cross-Site Request Forgery (CSRF) vulnerability in Paid Memberships Pro.This issue affects Paid Memberships Pro: from n/a through 2.12.10. Published: April 24, 2024; 11:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32773 |
Cross-Site Request Forgery (CSRF) vulnerability in WP Royal Royal Elementor Kit.This issue affects Royal Elementor Kit: from n/a through 1.0.116. Published: April 24, 2024; 11:15:46 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32728 |
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Paid Member Subscriptions.This issue affects Paid Member Subscriptions: from n/a through 2.11.0. Published: April 24, 2024; 11:15:46 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32699 |
Cross-Site Request Forgery (CSRF) vulnerability in YITH YITH WooCommerce Compare.This issue affects YITH WooCommerce Compare: from n/a through 2.37.0. Published: April 24, 2024; 11:15:46 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-25785 |
Missing Authorization vulnerability in Shoaib Saleem WP Post Rating allows Functionality Misuse.This issue affects WP Post Rating: from n/a through 2.5. Published: April 24, 2024; 11:15:45 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2023-23989 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.1.9.2. Published: April 24, 2024; 11:15:45 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-4111 |
A vulnerability was found in Tenda TX9 22.03.02.10. It has been rated as critical. Affected by this issue is the function sub_42BD7C of the file /goform/SetLEDCfg. The manipulation of the argument time leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-261854 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: April 24, 2024; 10:15:45 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28825 |
Improper restriction of excessive authentication attempts on some authentication methods in Checkmk before 2.3.0b5 (beta), 2.2.0p26, 2.1.0p43, and in Checkmk 2.0.0 (EOL) facilitates password brute-forcing. Published: April 24, 2024; 8:15:06 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32954 |
Unrestricted Upload of File with Dangerous Type vulnerability in Tribulant Newsletters.This issue affects Newsletters: from n/a through 4.9.5. Published: April 24, 2024; 7:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32823 |
Authorization Bypass Through User-Controlled Key vulnerability in FeedbackWP Rate my Post – WP Rating System.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.4. Published: April 24, 2024; 7:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32808 |
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9. Published: April 24, 2024; 7:15:48 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32789 |
Cross-Site Request Forgery (CSRF) vulnerability in Seers allows Cross-Site Scripting (XSS).This issue affects Seers: from n/a through 8.1.0. Published: April 24, 2024; 7:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32785 |
Cross-Site Request Forgery (CSRF) vulnerability in Webangon The Pack Elementor addons allows Cross-Site Scripting (XSS).This issue affects The Pack Elementor addons: from n/a through 2.0.8.3. Published: April 24, 2024; 7:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32772 |
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9. Published: April 24, 2024; 7:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32711 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in myCred allows Stored XSS.This issue affects myCred: from n/a through 2.6.3. Published: April 24, 2024; 7:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |