Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-56010
WordPress Device Detector Plugin <= 4.2.0 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre Lannoy / PerfOps One Device Detector allows Reflected XSS.This issue affects Device Detector: from n/a through 4.2.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 19th, 2024 (4 months ago)

CVE-2024-56008
WordPress Spreadr Woocommerce plugin <= 1.0.4 - Arbitrary Content Deletion vulnerability
Description: Missing Authorization vulnerability in spreadr Spreadr Woocommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Spreadr Woocommerce: from n/a through 1.0.4.

CVSS: HIGH (7.5)

EPSS Score: 0.04%

Source: CVE
December 19th, 2024 (4 months ago)

CVE-2024-55985
WordPress YDS Support Ticket System plugin <= 1.0 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ydesignservices YDS Support Ticket System allows SQL Injection.This issue affects YDS Support Ticket System: from n/a through 1.0.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
December 19th, 2024 (4 months ago)

CVE-2024-55984
WordPress Saksh Escrow System plugin <= 2.4 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susheelhbti Saksh Escrow System allows SQL Injection.This issue affects Saksh Escrow System: from n/a through 2.4.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
December 19th, 2024 (4 months ago)

CVE-2024-55983
WordPress PowerFormBuilder plugin <= 1.0.6 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Derek Hamilton PowerFormBuilder allows SQL Injection.This issue affects PowerFormBuilder: from n/a through 1.0.6.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
December 19th, 2024 (4 months ago)

CVE-2024-55975
WordPress Dr Affiliate plugin <= 1.2.3 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rohit Urane Dr Affiliate allows SQL Injection.This issue affects Dr Affiliate: from n/a through 1.2.3.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
December 19th, 2024 (4 months ago)

CVE-2024-54381
WordPress Advance Menu Manager plugin <= 3.1.1 - Settings Change vulnerability
Description: Missing Authorization vulnerability in theDotstore Advance Menu Manager.This issue affects Advance Menu Manager: from n/a through 3.1.1.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 19th, 2024 (4 months ago)

CVE-2024-54350
WordPress hmd theme <= 2.0 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HJYL hmd allows Stored XSS.This issue affects hmd: from n/a through 2.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 19th, 2024 (4 months ago)

CVE-2024-54270
WordPress Axeptio plugin <= 2.5.3 - Local File Inclusion vulnerability
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axeptio Axeptio allows PHP Local File Inclusion.This issue affects Axeptio: from n/a through 2.5.3.

CVSS: HIGH (8.1)

EPSS Score: 0.04%

Source: CVE
December 19th, 2024 (4 months ago)

CVE-2024-51646
WordPress Saoshyant Element plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saoshyant Saoshyant Element allows Reflected XSS.This issue affects Saoshyant Element: from n/a through 1.2.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 19th, 2024 (4 months ago)