|
308771
|
7.4 |
HIGH
Adjacent
|
cisco
|
ios_xr
|
A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause …
|
NVD-CWE-noinfo
|
CVE-2024-20406
|
2024-10-8 02:56 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308772
|
5.3 |
MEDIUM
Network
|
cisco
|
ios_xr
|
A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on XML TCP listen port 38751.
This vu…
|
NVD-CWE-Other
|
CVE-2024-20390
|
2024-10-8 02:51 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308773
|
7.2 |
HIGH
Network
|
-
|
-
|
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.228 via deserialization of untrusted inp…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-9314
|
2024-10-8 02:48 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308774
|
6.5 |
MEDIUM
Network
|
-
|
-
|
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the 'update_metadata' f…
|
CWE-862
Missing Authorization
|
CVE-2024-9161
|
2024-10-8 02:48 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308775
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in the Modern Heading and Icon Picker widgets all versions …
|
-
|
CVE-2024-8486
|
2024-10-8 02:48 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308776
|
6.8 |
MEDIUM
Network
|
-
|
-
|
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to Limited JavaScript File Upload in all versions up to, and including, 6.…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8743
|
2024-10-8 02:48 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308777
|
4.9 |
MEDIUM
Network
|
-
|
-
|
The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form label fields in all versions up to…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9528
|
2024-10-8 02:48 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308778
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The WP Cleanup and Basic Functions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.2.1 due to insufficient input sanitiz…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9455
|
2024-10-8 02:48 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308779
|
- |
|
-
|
-
|
The Themify Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9385
|
2024-10-8 02:48 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308780
|
- |
|
-
|
-
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in The Wikimedia Foundation Mediawiki - PageTriage allows Authentication Bypass.This issue affects Mediawiki - PageTriage: fro…
|
-
|
CVE-2024-47848
|
2024-10-8 02:48 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
