Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-56015
WordPress Tidy Up Plugin <= 1.3 - CSRF to Reflected Cross-Site Scripting vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in John Godley Tidy Up allows Reflected XSS.This issue affects Tidy Up: from n/a through 1.3.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-56013
WordPress Wovax IDX plugin <= 1.2.2 - Account Takeover vulnerability
Description: Authentication Bypass Using an Alternate Path or Channel vulnerability in Wovax, LLC. Wovax IDX allows Authentication Bypass.This issue affects Wovax IDX: from n/a through 1.2.2.

CVSS: HIGH (8.8)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-55990
WordPress Mollie for Contact Form 7 plugin <= 5.0.0 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ewald Harmsen Mollie for Contact Form 7 allows Blind SQL Injection.This issue affects Mollie for Contact Form 7: from n/a through 5.0.0.

CVSS: HIGH (7.6)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-55989
WordPress WP Simple Pay Lite Manager Plugin <= 1.4 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kyle M. Brown WP Simple Pay Lite Manager allows SQL Injection.This issue affects WP Simple Pay Lite Manager: from n/a through 1.4.

CVSS: HIGH (7.6)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-55987
WordPress Advanced What should we write next about plugin <= 1.0.3 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ritesh Sanap Advanced What should we write next about allows SQL Injection.This issue affects Advanced What should we write next about: from n/a through 1.0.3.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-55986
WordPress Service plugin <= 1.0.4 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in serviceonline Service allows Blind SQL Injection.This issue affects Service: from n/a through 1.0.4.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-55979
WordPress Wr Age Verification plugin <= 2.0.0 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Webriderz Wr Age Verification allows SQL Injection.This issue affects Wr Age Verification: from n/a through 2.0.0.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-55974
WordPress Mimoos plugin <= 1.2 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AMS Nexe Iberica Mimoos allows SQL Injection.This issue affects Mimoos: from n/a through 1.2.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-55973
WordPress TSB Occasion Editor plugin <= 1.2.1 - SQL Injection vulnerability
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ryan Nystrom TSB Occasion Editor allows SQL Injection.This issue affects TSB Occasion Editor: from n/a through 1.2.1.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)

CVE-2024-54440
WordPress WP-Ban-User plugin <= 1.0 - CSRF to Stored XSS vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in blueskyy WP-Ban-User allows Stored XSS.This issue affects WP-Ban-User: from n/a through 1.0.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (4 months ago)