Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-53820 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Captivate Audio Ltd Captivate Sync allows Stored XSS.This issue affects Captivate Sync: from n/a through 2.0.22.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53817 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Acowebs Product Labels For Woocommerce allows Blind SQL Injection.This issue affects Product Labels For Woocommerce: from n/a through 1.5.8.
CVSS: HIGH (7.6) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53815 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PINPOINT.WORLD Pinpoint Booking System allows Blind SQL Injection.This issue affects Pinpoint Booking System: from n/a through 2.9.9.5.1.
CVSS: HIGH (8.5) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53813 |
Description: Missing Authorization vulnerability in WP Travel WP Travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through 9.6.0.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53812 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jacques Malgrange WP GeoNames allows Reflected XSS.This issue affects WP GeoNames: from n/a through 1.8.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53811 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in POSIMYTH WDesignkit allows Upload a Web Shell to a Web Server.This issue affects WDesignkit: from n/a through 1.0.40.
CVSS: MEDIUM (6.6) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53810 |
Description: Missing Authorization vulnerability in Najeeb Ahmad Simple User Registration allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Simple User Registration: from n/a through 5.5.
CVSS: CRITICAL (9.1) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53809 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Namaste! LMS allows Cross Site Request Forgery.This issue affects Namaste! LMS: from n/a through 2.6.4.1.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53808 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms – Ultimate Form Builder allows SQL Injection.This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.7.8.
CVSS: HIGH (8.5) EPSS Score: 0.05%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53807 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in brandtoss WP Mailster allows Blind SQL Injection.This issue affects WP Mailster: from n/a through 1.8.16.0.
CVSS: HIGH (8.5) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|