Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-54205 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Paloma Paloma Widget allows Cross Site Request Forgery.This issue affects Paloma Widget: from n/a through 1.14.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 7th, 2024 (6 months ago)
|
|
CVE-2024-53824 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AREOI All Bootstrap Blocks allows PHP Local File Inclusion.This issue affects All Bootstrap Blocks: from n/a through 1.3.19.
CVSS: HIGH (7.5) EPSS Score: 0.04%
December 7th, 2024 (6 months ago)
|
|
CVE-2024-53821 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pie Register Premium allows Reflected XSS.This issue affects Pie Register Premium: from n/a through n/a.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 7th, 2024 (6 months ago)
|
|
CVE-2024-53817 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Acowebs Product Labels For Woocommerce allows Blind SQL Injection.This issue affects Product Labels For Woocommerce: from n/a through 1.5.8.
CVSS: HIGH (7.6) EPSS Score: 0.04%
December 7th, 2024 (6 months ago)
|
|
CVE-2024-53815 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PINPOINT.WORLD Pinpoint Booking System allows Blind SQL Injection.This issue affects Pinpoint Booking System: from n/a through 2.9.9.5.1.
CVSS: HIGH (8.5) EPSS Score: 0.04%
December 7th, 2024 (6 months ago)
|
|
CVE-2024-53812 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jacques Malgrange WP GeoNames allows Reflected XSS.This issue affects WP GeoNames: from n/a through 1.8.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 7th, 2024 (6 months ago)
|
|
CVE-2024-53808 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms – Ultimate Form Builder allows SQL Injection.This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.7.8.
CVSS: HIGH (8.5) EPSS Score: 0.05%
December 7th, 2024 (6 months ago)
|
|
CVE-2024-53807 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in brandtoss WP Mailster allows Blind SQL Injection.This issue affects WP Mailster: from n/a through 1.8.16.0.
CVSS: HIGH (8.5) EPSS Score: 0.04%
December 7th, 2024 (6 months ago)
|
|
CVE-2024-53805 |
Description: Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through 1.8.16.0.
CVSS: HIGH (7.5) EPSS Score: 0.04%
December 7th, 2024 (6 months ago)
|
|
CVE-2024-53804 |
Description: Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through 1.8.16.0.
CVSS: HIGH (7.5) EPSS Score: 0.04%
December 7th, 2024 (6 months ago)
|