Threat and Vulnerability Intelligence Database

CVE-2024-53821

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pie Register Premium allows Reflected XSS. This issue affects Pie Register Premium: from n/a through n/a.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53817

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Acowebs Product Labels For Woocommerce allows Blind SQL Injection. This issue affects Product Labels For Woocommerce: from n/a through 1.5.8.

CVSS: HIGH (7.6)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53815

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PINPOINT.WORLD Pinpoint Booking System allows Blind SQL Injection. This issue affects Pinpoint Booking System: from n/a through 2.9.9.5.1.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53812

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jacques Malgrange WP GeoNames allows Reflected XSS. This issue affects WP GeoNames: from n/a through 1.8.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53808

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms – Ultimate Form Builder allows SQL Injection. This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.7.8.

CVSS: HIGH (8.5)

EPSS Score: 0.05%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53807

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in brandtoss WP Mailster allows Blind SQL Injection. This issue affects WP Mailster: from n/a through 1.8.16.0.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53805

Description: Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Mailster: from n/a through 1.8.16.0.

CVSS: HIGH (7.5)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53804

Description: Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data. This issue affects WP Mailster: from n/a through 1.8.16.0.

CVSS: HIGH (7.5)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-37222

Description: Cross Site Scripting (XSS) vulnerability in Averta Master Slider allows Reflected XSS. This issue affects Master Slider: from n/a through 3.9.10.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-11728

Description: The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to SQL Injection via the 'visit_type[service_id]' parameter of the tax_calculated_data AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVSS: HIGH (7.5)

EPSS Score: 0.89%

Source: CVE
December 7th, 2024 (4 months ago)