|
251481
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Post Status Notifier Lite and Premium plugins for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘page’ parameter in all versions up to, and including, 1.11.6 due to insufficie…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10048
|
2024-10-29 18:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251482
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in Amin Omer Sudan Payment Gateway for WooCommerce allows Upload a Web Shell to a Web Server.This issue affects Sudan Payment Gateway for…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50494
|
2024-10-29 17:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251483
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in masterhomepage Automatic Translation allows Upload a Web Shell to a Web Server.This issue affects Automatic Translation: from n/a thro…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50493
|
2024-10-29 17:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251484
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in mahlamusa Multi Purpose Mail Form allows Upload a Web Shell to a Web Server.This issue affects Multi Purpose Mail Form: from n/a throu…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50484
|
2024-10-29 17:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251485
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in Chetan Khandla Woocommerce Product Design allows Upload a Web Shell to a Web Server.This issue affects Woocommerce Product Design: fro…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50482
|
2024-10-29 17:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251486
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in azexo Marketing Automation by AZEXO allows Upload a Web Shell to a Web Server.This issue affects Marketing Automation by AZEXO: from n…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50480
|
2024-10-29 17:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251487
|
- |
|
-
|
-
|
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to check that the origin of the message in an integration action matches with the original post metadata which allows an au…
|
-
|
CVE-2024-50052
|
2024-10-29 17:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251488
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.4 via the render function in elements/tabs/tabs.php. …
|
CWE-200
Information Exposure
|
CVE-2024-10312
|
2024-10-29 17:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251489
|
- |
|
-
|
-
|
Mattermost versions 9.5.x <= 9.5.9 fail to properly filter the channel data when ElasticSearch is enabled which allows a user to get private channel names by using cmd+K/ctrl+K.
|
-
|
CVE-2024-10241
|
2024-10-29 17:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251490
|
8.8 |
HIGH
Network
|
-
|
-
|
The Masteriyo LMS – eLearning and Online Course Builder for WordPress plugin for WordPress is vulnerable to unauthorized user profile modification due to missing authorization checks on the /wp-json/…
|
CWE-862
Missing Authorization
|
CVE-2024-10008
|
2024-10-29 15:15 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
