Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-53907 |
Description: An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities.
CVSS: LOW (0.0) EPSS Score: 0.05%
December 7th, 2024 (5 months ago)
|
|
CVE-2024-53826 |
Description: Missing Authorization vulnerability in WPSight WPCasa allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPCasa: from n/a through 1.2.13.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
December 7th, 2024 (5 months ago)
|
|
CVE-2024-53825 |
Description: Missing Authorization vulnerability in Ninja Team Filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through 6.3.2.
CVSS: MEDIUM (4.7) EPSS Score: 0.04%
December 7th, 2024 (5 months ago)
|
|
CVE-2024-53824 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AREOI All Bootstrap Blocks allows PHP Local File Inclusion.This issue affects All Bootstrap Blocks: from n/a through 1.3.19.
CVSS: HIGH (7.5) EPSS Score: 0.04%
December 7th, 2024 (5 months ago)
|
|
CVE-2024-53823 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.6.14.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 7th, 2024 (5 months ago)
|
|
CVE-2024-53821 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pie Register Premium allows Reflected XSS.This issue affects Pie Register Premium: from n/a through n/a.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 7th, 2024 (5 months ago)
|
|
CVE-2024-53820 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Captivate Audio Ltd Captivate Sync allows Stored XSS.This issue affects Captivate Sync: from n/a through 2.0.22.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 7th, 2024 (5 months ago)
|
|
CVE-2024-53817 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Acowebs Product Labels For Woocommerce allows Blind SQL Injection.This issue affects Product Labels For Woocommerce: from n/a through 1.5.8.
CVSS: HIGH (7.6) EPSS Score: 0.04%
December 7th, 2024 (5 months ago)
|
|
CVE-2024-53815 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PINPOINT.WORLD Pinpoint Booking System allows Blind SQL Injection.This issue affects Pinpoint Booking System: from n/a through 2.9.9.5.1.
CVSS: HIGH (8.5) EPSS Score: 0.04%
December 7th, 2024 (5 months ago)
|
|
CVE-2024-53813 |
Description: Missing Authorization vulnerability in WP Travel WP Travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through 9.6.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 7th, 2024 (5 months ago)
|