Total
262750 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-43325 | 1 Naiches | 1 Dark Mode For Wp Dashboard | 2024-09-12 | 4.3 Medium |
Cross-Site Request Forgery (CSRF) vulnerability in Naiche Dark Mode for WP Dashboard.This issue affects Dark Mode for WP Dashboard: from n/a through 1.2.3. | ||||
CVE-2024-41143 | 1 Skygroup | 1 Skysea Client View | 2024-09-12 | 7.8 High |
Origin validation error vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this vulnerability is exploited, an arbitrary process may be executed with SYSTEM privilege by a user who can log in to the PC where the product's Windows client is installed. | ||||
CVE-2024-43316 | 1 Checkoutplugins | 1 Stripe Payments For Woocommerce | 2024-09-12 | 4.3 Medium |
Cross-Site Request Forgery (CSRF) vulnerability in Checkout Plugins Stripe Payments For WooCommerce by Checkout.This issue affects Stripe Payments For WooCommerce by Checkout: from n/a through 1.9.1. | ||||
CVE-2024-37930 | 2 Theme-sphere, Themesphere | 2 Smartmag, Smartmag | 2024-09-12 | 5.3 Medium |
Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization vulnerability in ThemeSphere SmartMag allows Excavation, Accessing Functionality Not Properly Constrained by ACLs.This issue affects SmartMag: from n/a through 9.3.0. | ||||
CVE-2024-43301 | 1 Fontsplugin | 1 Fonts Plugin | 2024-09-12 | 7.1 High |
Cross-Site Request Forgery (CSRF) vulnerability in Fonts Plugin Fonts allows Stored XSS.This issue affects Fonts: from n/a through 3.7.7. | ||||
CVE-2024-43299 | 1 Softaculous | 1 Speedycache | 2024-09-12 | 5.4 Medium |
Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Team SpeedyCache.This issue affects SpeedyCache: from n/a through 1.1.8. | ||||
CVE-2024-43129 | 1 Wpdeveloper | 1 Betterdocs | 2024-09-12 | 6.5 Medium |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPDeveloper BetterDocs allows PHP Local File Inclusion.This issue affects BetterDocs: from n/a through 3.5.8. | ||||
CVE-2024-43295 | 1 Wpdataaccess | 1 Wp Data Access | 2024-09-12 | 4.3 Medium |
Cross-Site Request Forgery (CSRF) vulnerability in Passionate Programmers B.V. WP Data Access.This issue affects WP Data Access: from n/a through 5.5.7. | ||||
CVE-2024-32840 | 2024-09-12 | N/A | ||
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | ||||
CVE-2024-43287 | 1 Sendinblue | 1 Newsletter\, Smtp\, Email Marketing And Subscribe | 2024-09-12 | 4.3 Medium |
Cross-Site Request Forgery (CSRF) vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue.This issue affects Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue: from n/a through 3.1.82. | ||||
CVE-2024-34783 | 2024-09-12 | N/A | ||
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | ||||
CVE-2024-29847 | 2024-09-12 | N/A | ||
Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution. | ||||
CVE-2024-34779 | 2024-09-12 | N/A | ||
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | ||||
CVE-2024-43269 | 1 Wpbackitup | 1 Backup And Restore Wordpress | 2024-09-12 | 4.3 Medium |
Cross-Site Request Forgery (CSRF) vulnerability in WPBackItUp Backup and Restore WordPress.This issue affects Backup and Restore WordPress: from n/a through 1.50. | ||||
CVE-2024-43135 | 1 Themewinter | 1 Wpcafe | 2024-09-12 | 7.5 High |
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themewinter WPCafe allows PHP Local File Inclusion.This issue affects WPCafe: from n/a through 2.2.28. | ||||
CVE-2024-32848 | 2024-09-12 | N/A | ||
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | ||||
CVE-2024-43265 | 1 Analytify | 1 Analytify - Google Analytics Dashboard | 2024-09-12 | 4.3 Medium |
Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issue affects Analytify: from n/a through 5.3.1. | ||||
CVE-2024-34785 | 2024-09-12 | N/A | ||
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | ||||
CVE-2024-32843 | 2024-09-12 | N/A | ||
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. | ||||
CVE-2024-32846 | 2024-09-12 | N/A | ||
An unspecified SQL injection in Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote authenticated attacker with admin privileges to achieve remote code execution. |