CVE Alert: CVE-2024-12635
Vulnerability Summary: CVE-2024-12635 The WP Docs plugin for WordPress is vulnerable to time-based SQL Injection via the 'dir_id' parameter in...
Vulnerability Summary: CVE-2024-12635 The WP Docs plugin for WordPress is vulnerable to time-based SQL Injection via the 'dir_id' parameter in...
Vulnerability Summary: CVE-2024-12262 The Ebook Store plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'step' parameter in...
Vulnerability Summary: CVE-2024-12771 The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
Vulnerability Summary: CVE-2024-12721 The Custom Product Tabs For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all...
Vulnerability Summary: CVE-2024-10453 The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to...
Vulnerability Summary: CVE-2024-12588 The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Vulnerability Summary: CVE-2024-9545 The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Vulnerability Summary: CVE-2024-10797 The Full Screen Menu for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions...
Vulnerability Summary: CVE-2024-11808 The Pingmeter Uptime Monitoring plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the '_wpnonce' parameter...
Vulnerability Summary: CVE-2024-12408 The WP on AWS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST data in...
Vulnerability Summary: CVE-2024-12591 The MagicPost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wb_share_social shortcode in...
Vulnerability Summary: CVE-2024-11722 The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter...
Vulnerability Summary: CVE-2024-12558 The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to unauthorized access...
Vulnerability Summary: CVE-2024-11688 The LaTeX2HTML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ver' or 'date' parameter...
Vulnerability Summary: CVE-2024-12884 A vulnerability was found in Codezips E-Commerce Website 1.0. It has been rated as critical. Affected by...
Vulnerability Summary: CVE-2024-51463 IBM i 7.3, 7.4, and 7.5 is vulnerable to server-side request forgery (SSRF). This may allow an...
Vulnerability Summary: CVE-2024-12883 A vulnerability was found in code-projects Job Recruitment 1.0. It has been declared as problematic. Affected by...
Vulnerability Summary: CVE-2024-12875 The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to...
Vulnerability Summary: CVE-2024-51464 IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By sending...
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on December 3, 2024. These...
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on November 26, 2024. These...
CISA and Partners Release Joint Guidance on PRC-Affiliated Threat Actor Compromising Networks of Global Telecommunications Providers Today, CISA—in partnership with...
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...