Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2024-54370

Description: Unrestricted Upload of File with Dangerous Type vulnerability in SuitePlugins Video & Photo Gallery for Ultimate Member allows Upload a Web Shell to a Web Server.This issue affects Video & Photo Gallery for Ultimate Member: from n/a through 1.1.0.

CVSS: CRITICAL (9.9)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (5 months ago)

CVE-2024-54369

Description: Missing Authorization vulnerability in ThemeHunk Zita Site Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Zita Site Builder: from n/a through 1.0.2.

CVSS: CRITICAL (9.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (5 months ago)

CVE-2024-54368

Description: Cross-Site Request Forgery (CSRF) vulnerability in Ruben Garza, Jr. GitSync allows Code Injection.This issue affects GitSync: from n/a through 1.1.0.

CVSS: CRITICAL (9.6)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (5 months ago)

CVE-2024-54367

Description: Deserialization of Untrusted Data vulnerability in ForumWP ForumWP allows Object Injection.This issue affects ForumWP: from n/a through 2.1.0.

CVSS: CRITICAL (9.8)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (5 months ago)

CVE-2024-54366

Description: Generation of Error Message Containing Sensitive Information vulnerability in Dave Kiss Vimeography allows Retrieve Embedded Sensitive Data.This issue affects Vimeography: from n/a through 2.4.4.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (5 months ago)

CVE-2024-54365

Description: Incorrect Privilege Assignment vulnerability in Halim KH Easy User Settings allows Privilege Escalation.This issue affects KH Easy User Settings: from n/a through 1.0.0.

CVSS: HIGH (8.8)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (5 months ago)

CVE-2024-54364

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spartac Feedpress Generator allows Reflected XSS.This issue affects Feedpress Generator: from n/a through 1.2.1.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (5 months ago)

CVE-2024-54363

Description: Incorrect Privilege Assignment vulnerability in nssTheme Wp NssUser Register allows Privilege Escalation.This issue affects Wp NssUser Register: from n/a through 1.0.0.

CVSS: CRITICAL (9.8)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (5 months ago)

CVE-2024-54361

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in outstrip Instant Appointment allows SQL Injection.This issue affects Instant Appointment: from n/a through 1.2.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (5 months ago)

CVE-2024-54360

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in premila Gutensee allows DOM-Based XSS.This issue affects Gutensee: from n/a through 1.0.1.

CVSS: MEDIUM (6.5)

EPSS Score: 0.04%

Source: CVE
December 17th, 2024 (5 months ago)