Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-11689 |
Description: The HQ Rental Software plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.29. This is due to missing or incorrect nonce validation on the displaySettingsPage() function. This makes it possible for unauthenticated attackers to update arbitrary options that can be leveraged for privilege escalation via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
CVSS: HIGH (8.8) EPSS Score: 0.06%
December 13th, 2024 (4 months ago)
|
|
CVE-2024-11443 |
Description: The de:branding plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the debranding_save() function in all versions up to, and including, 1.0.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site.
CVSS: HIGH (8.8) EPSS Score: 0.06%
December 13th, 2024 (4 months ago)
|
|
CVE-2024-11274 |
Description: An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, injection of NEL headers in k8s proxy response could lead to session data exfiltration.
CVSS: HIGH (8.7) EPSS Score: 0.06%
December 13th, 2024 (4 months ago)
|
|
CVE-2024-11052 |
Description: The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the calculations parameter in all versions up to, and including, 3.8.19 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVSS: HIGH (7.2) EPSS Score: 0.05%
December 13th, 2024 (4 months ago)
|
|
CVE-2024-10910 |
Description: The The Grid Plus – Unlimited grid layout plugin for WordPress is vulnerable to arbitrary shortcode execution via grid_plus_load_by_category AJAX action in all versions up to, and including, 1.3.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
CVSS: HIGH (7.3) EPSS Score: 0.05%
December 13th, 2024 (4 months ago)
|
|
CVE-2024-10590 |
Description: The Opt-In Downloads plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the admin_upload() function in all versions up to, and including, 4.07. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. Due to the presence of an .htaccess file, this can only be exploited to achieve RCE on NGINX servers, unless another vulnerability is present.
CVSS: HIGH (8.8) EPSS Score: 0.05%
December 13th, 2024 (4 months ago)
|
|
CVE-2024-10111 |
Description: The OAuth Single Sign On – SSO (OAuth Client) plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.26.3. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username and the user does not have an already-existing account for the service returning the token.
CVSS: HIGH (8.1) EPSS Score: 0.09%
December 13th, 2024 (4 months ago)
|
|
CVE-2023-2847 |
Description:
During internal security analysis, a local privilege escalation vulnerability has been identified. On a machine with the affected ESET product installed, it was possible for a user with lower privileges due to improper privilege management to trigger actions with root privileges.
ESET remedied this possible attack vector and has prepared new builds of its products that are no longer susceptible to this vulnerability.
CVSS: HIGH (7.8) EPSS Score: 0.04%
December 13th, 2024 (4 months ago)
|
|
CVE-2023-23841 |
Description:
SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request. Part of the URL of the request discloses sensitive data.
CVSS: HIGH (7.5) EPSS Score: 0.18%
December 13th, 2024 (4 months ago)
|
|
CVE-2024-9845 |
Description: Under specific circumstances, insecure permissions in Ivanti Automation before version 2024.4.0.1 allows a local authenticated attacker to achieve local privilege escalation.
CVSS: HIGH (7.8) EPSS Score: 0.04%
December 12th, 2024 (4 months ago)
|