|
308121
|
4.8 |
MEDIUM
Network
|
10web
|
form_maker
|
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.15.27 due to insuf…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8633
|
2024-10-1 23:17 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308122
|
5.4 |
MEDIUM
Network
|
advancedfilemanager
|
advanced_file_manager
|
Multiple plugins and/or themes for WordPress are vulnerable to Limited File Upload in various versions. This is due to a lack of proper checks to ensure lower-privileged roles cannot upload .css and …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8725
|
2024-10-1 23:16 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308123
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2024-46839
|
2024-10-1 23:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308124
|
7.2 |
HIGH
Network
|
advancedfilemanager
|
advanced_file_manager
|
The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 5.2.8 via the 'fma_locale' parameter. This makes it possible for …
|
CWE-22
Path Traversal
|
CVE-2024-8704
|
2024-10-1 23:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308125
|
7.5 |
HIGH
Network
|
redhat
|
keycloak
single_sign-on
|
A denial of service vulnerability was found in keycloak where the amount of attributes per object is not limited,an attacker by sending repeated HTTP requests could cause a resource exhaustion when t…
|
NVD-CWE-noinfo
|
CVE-2023-6841
|
2024-10-1 23:15 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308126
|
6.1 |
MEDIUM
Network
|
redhat
|
build_of_keycloak
keycloak
|
An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the referrer and referrer_uri parameters are made to trick a user to visit a malicious webpage. …
|
CWE-601
Open Redirect
|
CVE-2024-7260
|
2024-10-1 23:15 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308127
|
8.8 |
HIGH
Network
|
advancedfilemanager
|
advanced_file_manager
|
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.8. This makes it possible for a…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8126
|
2024-10-1 23:14 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308128
|
5.4 |
MEDIUM
Network
|
alefypimentel
|
gf_custom_style
|
The GF Custom Style plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.0 due to insufficient input sanitization and output …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9173
|
2024-10-1 23:12 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308129
|
5.4 |
MEDIUM
Network
|
codecabin
|
super_testimonials
|
The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘alignment’ parameter in all versions up to, and including, 3.0.0 due to insufficient input sanitizati…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9127
|
2024-10-1 23:09 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308130
|
5.4 |
MEDIUM
Network
|
kingblack
|
king_ie
|
The king_IE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9125
|
2024-10-1 23:00 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
