Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-30242 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions Contact Form to Any API.This issue affects Contact Form to Any API: from n/a through 1.1.8. Published: March 28, 2024; 1:15:52 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30241 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.1. Published: March 28, 2024; 1:15:52 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30240 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Typps Calendarista.This issue affects Calendarista: from n/a through 15.5.7. Published: March 28, 2024; 1:15:52 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30239 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.6. Published: March 28, 2024; 1:15:52 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30237 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Supsystic Slider by Supsystic.This issue affects Slider by Supsystic: from n/a through 1.8.10. Published: March 28, 2024; 1:15:51 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30236 |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contest Gallery.This issue affects Contest Gallery: from n/a through 21.3.4. Published: March 28, 2024; 1:15:51 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30230 |
Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For WooCommerce.This issue affects PDF Invoices and Packing Slips For WooCommerce: from n/a through 1.3.7. Published: March 28, 2024; 1:15:51 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30229 |
Deserialization of Untrusted Data vulnerability in GiveWP.This issue affects GiveWP: from n/a through 3.4.2. Published: March 28, 2024; 1:15:51 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30228 |
Deserialization of Untrusted Data vulnerability in Hercules Design Hercules Core.This issue affects Hercules Core : from n/a through 6.4. Published: March 28, 2024; 1:15:51 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30227 |
Deserialization of Untrusted Data vulnerability in INFINITUM FORM Geo Controller.This issue affects Geo Controller: from n/a through 8.6.4. Published: March 28, 2024; 1:15:50 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30226 |
Deserialization of Untrusted Data vulnerability in WPDeveloper BetterDocs.This issue affects BetterDocs: from n/a through 3.3.3. Published: March 28, 2024; 1:15:50 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30225 |
Deserialization of Untrusted Data vulnerability in WPENGINE, INC. WP Migrate.This issue affects WP Migrate: from n/a through 2.6.10. Published: March 28, 2024; 1:15:50 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30224 |
Deserialization of Untrusted Data vulnerability in Wholesale Team WholesaleX.This issue affects WholesaleX: from n/a through 1.3.2. Published: March 28, 2024; 1:15:50 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30223 |
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26. Published: March 28, 2024; 1:15:50 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-30222 |
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26. Published: March 28, 2024; 1:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0677 |
The Pz-LinkCard WordPress plugin through 2.5.1 does not prevent users from pinging arbitrary hosts via some of its shortcodes, which could allow high privilege users such as contributors to perform SSRF attacks. Published: March 28, 2024; 1:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0673 |
The Pz-LinkCard WordPress plugin through 2.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed Published: March 28, 2024; 1:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0672 |
The Pz-LinkCard WordPress plugin through 2.5.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Published: March 28, 2024; 1:15:49 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-2091 |
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 1.13.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Published: March 27, 2024; 11:15:07 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3024 |
A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-258333 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Published: March 27, 2024; 10:15:11 PM -0400 |
V3.x:(not available) V2.0:(not available) |