Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2024-53820
WordPress Captivate Sync plugin <= 2.0.22 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Captivate Audio Ltd Captivate Sync allows Stored XSS.This issue affects Captivate Sync: from n/a through 2.0.22.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53813
WordPress wp-travel plugin <= 9.6.0 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in WP Travel WP Travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through 9.6.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53811
WordPress WDesignKit plugin <= 1.0.40 - Arbitrary File Upload vulnerability
Description: Unrestricted Upload of File with Dangerous Type vulnerability in POSIMYTH WDesignkit allows Upload a Web Shell to a Web Server.This issue affects WDesignkit: from n/a through 1.0.40.

CVSS: MEDIUM (6.6)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53809
WordPress Namaste! LMS plugin <= 2.6.4.1 - Cross Site Request Forgery (CSRF) vulnerability
Description: Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Namaste! LMS allows Cross Site Request Forgery.This issue affects Namaste! LMS: from n/a through 2.6.4.1.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53806
WordPress Maspik plugin <= 2.2.7 - CSRF to Settings Change vulnerability
Description: Missing Authorization vulnerability in WpMaspik Maspik – Spam blacklist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Maspik – Spam blacklist: from n/a through 2.2.7.

CVSS: MEDIUM (5.4)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53803
WordPress WP Mailster plugin <= 1.8.16.0 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through 1.8.16.0.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53802
WordPress Futurio Extra plugin <= 2.0.14 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FuturioWP Futurio Extra allows Stored XSS.This issue affects Futurio Extra: from n/a through 2.0.14.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53801
WordPress Bold Page Builder plugin <= 5.2.1 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes Bold Page Builder allows Stored XSS.This issue affects Bold Page Builder: from n/a through 5.2.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53799
WordPress FloristPress plugin <= 7.3.0 - Broken Access Control vulnerability
Description: Missing Authorization vulnerability in BAKKBONE Australia FloristPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FloristPress: from n/a through 7.3.0.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
December 7th, 2024 (4 months ago)

CVE-2024-53797
WordPress Beaver Builder – WordPress Page Builder plugin <= 2.8.4.3 - Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Stored XSS.This issue affects Beaver Builder: from n/a through 2.8.4.3.

CVSS: MEDIUM (6.5)

EPSS Score: 0.05%

Source: CVE
December 7th, 2024 (4 months ago)