|
312581
|
6.3 |
MEDIUM
Network
|
tutorlms
|
tutor_lms_pro
|
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized administrative actions execution due to a missing capability checks on multiple functions like treport_quiz_atttempt_delete and t…
|
CWE-862
Missing Authorization
|
CVE-2024-5784
|
2024-09-3 23:48 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312582
|
4.3 |
MEDIUM
Network
|
themeific
|
tourfic
|
The Tourfic plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.11.20. This is due to missing or incorrect nonce validation on the tf_order_status…
|
CWE-352
Origin Validation Error
|
CVE-2024-8319
|
2024-09-3 23:43 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312583
|
5.4 |
MEDIUM
Network
|
wpvibes
|
elementor_addon_elements
|
The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.13.6 due to insufficient input sanitization…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7122
|
2024-09-3 23:41 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312584
|
- |
|
-
|
-
|
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make imp…
|
-
|
CVE-2024-3655
|
2024-09-3 23:35 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312585
|
6.3 |
MEDIUM
Network
|
maxfoundry
|
media_library_folders
|
The Media Library Folders plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several AJAX functions in the media-library-plus.php file in all versions up to…
|
CWE-862
Missing Authorization
|
CVE-2024-7858
|
2024-09-3 23:34 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312586
|
8.8 |
HIGH
Network
|
codection
|
clean_login
|
The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.14.5 via the 'template' attribute of the clean-login-register shortcode. This makes …
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2024-8252
|
2024-09-3 23:31 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312587
|
6.1 |
MEDIUM
Network
|
wpbookingcalendar
|
wp_booking_calendar
|
The WP Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via several parameters from 'timeline_obj' in all versions up to, and including, 10.5 due to insufficient …
|
CWE-79
Cross-site Scripting
|
CVE-2024-8274
|
2024-09-3 23:28 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312588
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
sched: Fix yet more sched_fork() races
Where commit 4ef0c5c6b5ba ("kernel/sched: Fix sched_fork() access an
invalid sched_task_gr…
|
NVD-CWE-noinfo
|
CVE-2022-48944
|
2024-09-3 23:26 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312589
|
9.8 |
CRITICAL
Network
|
openrapid
|
rapidcms
|
A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been classified as critical. This affects an unknown part of the file /admin/user/user-move-run.php. The manipulation of the argume…
|
CWE-89
SQL Injection
|
CVE-2024-8331
|
2024-09-3 23:25 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312590
|
9.8 |
CRITICAL
Network
|
master-nan
|
sweet-cms
|
A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been declared as critical. This vulnerability affects unknown code of the file /table/index. T…
|
CWE-89
SQL Injection
|
CVE-2024-8332
|
2024-09-3 23:23 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
