|
306881
|
7.2 |
HIGH
Network
|
-
|
-
|
The MainWP Dashboard – The Private WordPress Manager for Multiple Website Maintenance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mwp_setup_purchase_username’ parameter…
|
-
|
CVE-2016-15041
|
2024-10-16 16:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306882
|
- |
|
-
|
-
|
The Kento Post View Counter plugin for WordPress is vulnerable to SQL Injection via the 'kento_pvc_geo' parameter in versions up to, and including, 2.8 due to insufficient escaping on the user suppli…
|
CWE-89
SQL Injection
|
CVE-2016-15040
|
2024-10-16 16:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306883
|
8.3 |
HIGH
Network
|
-
|
-
|
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery in versions up to, and including 6.1, 1.0 respectively. This makes it possible for attackers to forger…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2012-10018
|
2024-10-16 16:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306884
|
- |
|
-
|
-
|
The Community by PeepSo – Social Network, Membership, Registration, User Profiles, Premium – Mobile App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via URLs in posts, comments, …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9873
|
2024-10-16 15:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306885
|
7.7 |
HIGH
Network
|
podman_project
redhat
fedoraproject
|
podman
enterprise_linux
openshift_container_platform
fedora
|
A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-3056
|
2024-10-16 14:15 |
2024-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306886
|
- |
|
-
|
-
|
Improper permission control in the mobile application (com.transsion.aivoiceassistant) can lead to the launch of any unexported component.
|
-
|
CVE-2024-10018
|
2024-10-16 12:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306887
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Multiline files upload for contact form 7 plugin for WordPress is vulnerable to unauthorized plugin deactivation due to a missing capability check on the mfcf7_zl_custom_handle_deactivation_plugi…
|
CWE-862
Missing Authorization
|
CVE-2024-9891
|
2024-10-16 11:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306888
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Locatoraid Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST keys in all versions up to, and including, 3.9.47 due to insufficient input sanitization a…
|
-
|
CVE-2024-9652
|
2024-10-16 11:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306889
|
6.1 |
MEDIUM
Network
|
-
|
-
|
The Kama SpamBlock plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST values in all versions up to, and including, 1.8.2 due to insufficient input sanitization and output…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9647
|
2024-10-16 11:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306890
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The SEO Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post meta in versions up to, and including, 1.9 due to insufficient input sanitization and output escaping on use…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9521
|
2024-10-16 11:15 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
