Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-54313 |
Description: Path Traversal vulnerability in FULL. FULL Customer allows Path Traversal.This issue affects FULL Customer: from n/a through 3.1.25.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54312 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ووکامرس فارسی Persian Woocommerce SMS allows Reflected XSS.This issue affects Persian Woocommerce SMS: from n/a through 7.0.5.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54311 |
Description: Missing Authorization vulnerability in i.lychkov Mark New Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark New Posts: from n/a through 7.5.1.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54310 |
Description: Missing Authorization vulnerability in Aslam Khan Gouran Gou Manage My Account Menu allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Gou Manage My Account Menu: from n/a through 1.0.1.8.
CVSS: MEDIUM (5.3) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54309 |
Description: Insertion of Sensitive Information Into Sent Data vulnerability in wpdebuglog PostBox allows Retrieve Embedded Sensitive Data.This issue affects PostBox: from n/a through 1.0.4.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54308 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CurrencyRate.today Cryptocurrency Price Widget allows Stored XSS.This issue affects Cryptocurrency Price Widget: from n/a through 1.2.3.
CVSS: MEDIUM (5.9) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54307 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in AIpost AIcomments allows Cross Site Request Forgery.This issue affects AIcomments: from n/a through 1.4.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54306 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in KCT AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot allows Cross Site Request Forgery.This issue affects AIKCT Engine Chatbot, ChatGPT, Gemini, GPT-4o Best AI Chatbot: from n/a through 1.6.2.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54305 |
WordPress J&T Express Malaysia plugin <= 2.0.13 - Reflected Cross Site Scripting (XSS) vulnerability
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in woocs J&T Express Malaysia allows Reflected XSS.This issue affects J&T Express Malaysia: from n/a through 2.0.13.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|
|
CVE-2024-54304 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hive Support Hive Support – WordPress Help Desk allows SQL Injection.This issue affects Hive Support – WordPress Help Desk: from n/a through 1.1.2.
CVSS: HIGH (8.5) EPSS Score: 0.04%
December 14th, 2024 (4 months ago)
|