|
315781
|
4.3 |
MEDIUM
Network
|
wpdataaccess
|
wp_data_access
|
Cross-Site Request Forgery (CSRF) vulnerability in Passionate Programmers B.V. WP Data Access.This issue affects WP Data Access: from n/a through 5.5.7.
|
CWE-352
Origin Validation Error
|
CVE-2024-43295
|
2024-09-13 06:20 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315782
|
8.8 |
HIGH
Network
|
sendinblue
|
newsletter\
_smtp\
_email_marketing_and_subscribe
|
Cross-Site Request Forgery (CSRF) vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue.This issue affects Newsletter, SMTP, Email marketing and Subscribe forms b…
|
CWE-352
Origin Validation Error
|
CVE-2024-43287
|
2024-09-13 06:19 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315783
|
4.3 |
MEDIUM
Network
|
wpbackitup
|
backup_and_restore_wordpress
|
Cross-Site Request Forgery (CSRF) vulnerability in WPBackItUp Backup and Restore WordPress.This issue affects Backup and Restore WordPress: from n/a through 1.50.
|
CWE-352
Origin Validation Error
|
CVE-2024-43269
|
2024-09-13 06:18 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315784
|
8.8 |
HIGH
Network
|
themewinter
|
wpcafe
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themewinter WPCafe allows PHP Local File Inclusion.This issue affects WPCafe: from n/a through 2.2.28.
|
CWE-22
Path Traversal
|
CVE-2024-43135
|
2024-09-13 06:18 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315785
|
3.5 |
LOW
Network
|
analytify
|
analytify_-_google_analytics_dashboard
|
Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issue affects Analytify: from n/a through 5.3.1.
|
CWE-352
Origin Validation Error
|
CVE-2024-43265
|
2024-09-13 06:17 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315786
|
7.5 |
HIGH
Network
|
storelocatorplus
|
store_locator_plus
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Store Locator Plus.This issue affects Store Locator Plus: from n/a through 2311.17.01.
|
NVD-CWE-noinfo
|
CVE-2024-43258
|
2024-09-13 06:11 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315787
|
8.8 |
HIGH
Network
|
mage-people
|
event_manager_and_tickets_selling_for_woocommerce
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MagePeople Team Event Manager for WooCommerce allows PHP Local File Inclusion.This issue affects Event …
|
CWE-22
Path Traversal
|
CVE-2024-43138
|
2024-09-13 06:11 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315788
|
6.5 |
MEDIUM
Network
|
nouthemes
|
leopard
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Nouthemes Leopard - WordPress offload media.This issue affects Leopard - WordPress offload media: from n/a through 2.0.36.
|
NVD-CWE-noinfo
|
CVE-2024-43257
|
2024-09-13 06:09 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315789
|
5.4 |
MEDIUM
Network
|
piotnet
|
piotnet_addons
|
The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Accordion, Dual Heading, and Vertical Timeline widgets in all versions up to,…
|
CWE-79
Cross-site Scripting
|
CVE-2024-5502
|
2024-09-13 06:05 |
2024-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315790
|
4.9 |
MEDIUM
Network
|
continew
|
continew_admin
|
A vulnerability was found in ContiNew Admin 3.2.0 and classified as critical. Affected by this issue is the function top.continew.starter.extension.crud.controller.BaseController#page of the file /ap…
|
CWE-89
SQL Injection
|
CVE-2024-8150
|
2024-09-13 06:01 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
