Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-52452 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eduNEXT Open edX LMS allows Reflected XSS.This issue affects Open edX LMS: from n/a through 2.6.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-52447 |
Description: Path Traversal: '.../...//' vulnerability in Corporate Zen Contact Page With Google Map allows Path Traversal.This issue affects Contact Page With Google Map: from n/a through 1.6.1.
CVSS: HIGH (8.6) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-51636 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Z.com by GMO GMO Social Connection allows Cross-Site Scripting (XSS).
This issue affects GMO Social Connection: from n/a through 1.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-37094 |
Description: Missing Authorization vulnerability in StylemixThemes MasterStudy LMS allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects MasterStudy LMS: from n/a through 3.2.12.
CVSS: HIGH (8.2) EPSS Score: 0.09%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-12015 |
Description: The 'Project Manager' WordPress Plugin is affected by an authenticated SQL injection vulnerability in the 'orderby' parameter in the '/pm/v2/activites' route.
CVSS: HIGH (7.7) EPSS Score: 0.04%
December 3rd, 2024 (5 months ago)
|
|
CVE-2024-53783 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Anzia Ni WooCommerce Cost Of Goods allows SQL Injection.This issue affects Ni WooCommerce Cost Of Goods: from n/a through 3.2.8.
CVSS: HIGH (7.6) EPSS Score: 0.04%
December 2nd, 2024 (5 months ago)
|
|
CVE-2024-53750 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Maeve Lander PayPal Responder allows Stored XSS.This issue affects PayPal Responder: from n/a through 1.2.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 2nd, 2024 (5 months ago)
|
|
CVE-2024-53742 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prism I.T. Systems Multilevel Referral Affiliate Plugin for WooCommerce allows Reflected XSS.This issue affects Multilevel Referral Affiliate Plugin for WooCommerce: from n/a through 2.27.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 2nd, 2024 (5 months ago)
|
|
CVE-2024-53778 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs allows Stored XSS.This issue affects Essential Breadcrumbs: from n/a through 1.1.1.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 1st, 2024 (5 months ago)
|
|
CVE-2024-53739 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cool Plugins Cryptocurrency Widgets For Elementor allows PHP Local File Inclusion.This issue affects Cryptocurrency Widgets For Elementor: from n/a through 1.6.4.
CVSS: HIGH (8.1) EPSS Score: 0.04%
December 1st, 2024 (5 months ago)
|