Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2024-40495 — Linksys E2500_firmware: A vulnerability was discovered in Linksys Router E2500 with firmware 2.0.00, allows authenticated attackers
A vulnerability was discovered in Linksys Router E2500 with firmware 2.0.00, allows authenticated attackers to execute arbitrary code via the hnd_parentalctrl_unblock function. CVSSv3.1 8.0 (HIGH) · EPSS 54th percentile
CVE-2024-38708 — Ukrsolution Barcode_scanner_and_inventory_manager: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through <= 1.6.1. CVSSv3.1 8.5 (HIGH)
CVE-2024-6497 — Squirrly Seo_plugin_by_squirrly_seo: The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site
The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 12.3.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. CVE-2024-43286 appears to be a duplicate of this issue. CVSSv3.1 8.8 (HIGH)
CVE-2024-21527 — Versions of the package github.com/gotenberg/gotenberg/v8/pkg/gotenberg before 8.1.0; versions of the package github.com/gotenberg/gotenberg/v8/pkg/modules/chromium before 8.1.0
Versions of the package github.com/gotenberg/gotenberg/v8/pkg/gotenberg before 8.1.0; versions of the package github.com/gotenberg/gotenberg/v8/pkg/modules/chromium before 8.1.0; versions of the package github.com/gotenberg/gotenberg/v8/pkg/modules/webhook before 8.1.0 are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when a request is made to a file via localhost, such as <iframe src="\\localhost/etc/passwd">. By exploiting this vulnerabilit CVSSv3.1 8.2 (HIGH) · EPSS 43th percentile
CVE-2024-0857 — Uni-yaz Flexwater_corporate_water_management: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Universal Software Inc. FlexWater Corporate Water Management allows SQL Injection. This issue affects FlexWater Corporate Water Management: before 5.452.0. CVSSv3.1 9.8 (CRITICAL) · EPSS 31th percentile
CVE-2024-5619 — Authorization: Bypass Through User-Controlled Key vulnerability in PruvaSoft Informatics Apinizer Management Console allows Exploiting
Authorization Bypass Through User-Controlled Key vulnerability in PruvaSoft Informatics Apinizer Management Console allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Apinizer Management Console: before 2024.05.1. CVSSv3.1 9.6 (CRITICAL) · EPSS 8th percentile
CVE-2024-5618 — Incorrect: Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics Apinizer Management Console allows
Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics Apinizer Management Console allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Apinizer Management Console: before 2024.05.1. CVSSv3.1 9.9 (CRITICAL) · EPSS 32th percentile
CVE-2024-3242 — Brizy Brizy: The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads
The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension validation in the validateImageContent function called via storeImages in all versions up to, and including, 2.4.43. This makes it possible for authenticated attackers, with contributor access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. Version 2.4.44 prevents the upload of files ending in .sh CVSSv3.1 8.8 (HIGH)
CVE-2024-5726 — Timeline: The Timeline Event History plugin for WordPress is vulnerable to PHP Object Injection in
The Timeline Event History plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.1 via deserialization of untrusted input 'timelines-data' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the CVSSv3.1 8.8 (HIGH)
CVE-2024-6220 — Keydatas Keydatas: The 简数采集器 (Keydatas) plugin for WordPress is vulnerable to arbitrary file uploads due to
The 简数采集器 (Keydatas) plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the keydatas_downloadImages function in all versions up to, and including, 2.5.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 9.8 (CRITICAL)
CVE-2024-6660 — Reputeinfosystems Bookingpress: The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress
The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the bookingpress_import_data_continue_process_func function in all versions up to, and including, 1.1.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site an CVSSv3.1 8.8 (HIGH)
CVE-2024-6467 — Reputeinfosystems Bookingpress: The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress
The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to Arbitrary File Read to Arbitrary File Creation in all versions up to, and including, 1.1.5 via the 'bookingpress_save_lite_wizard_settings_func' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create arbitrary files that contain the content of files (either on the local server or from a remote locati CVSSv3.1 8.8 (HIGH)
CVE-2024-21182 — Oracle Weblogic_server: Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base S CVSSv3.1 7.5 (HIGH) · EPSS 99th percentile
CVE-2024-6457 — Pluginus Husky_-_products_filter_professional_for_woocommerce: The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to
The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the ‘woof_author’ parameter in all versions up to, and including, 1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive informa CVSSv3.1 9.8 (CRITICAL)
CVE-2024-37927 — Incorrect: Privilege Assignment vulnerability in NooTheme Jobmonster noo-jobmonster allows Privilege Escalation.This issue affects Jobmonster
Incorrect Privilege Assignment vulnerability in NooTheme Jobmonster noo-jobmonster allows Privilege Escalation.This issue affects Jobmonster: from n/a through <= 4.7.5. CVSSv3.1 9.8 (CRITICAL) · EPSS 39th percentile
CVE-2024-37560 — Incorrect: Privilege Assignment vulnerability in iqbalrony WP User Switch wp-user-switch allows Privilege Escalation.This issue
Incorrect Privilege Assignment vulnerability in iqbalrony WP User Switch wp-user-switch allows Privilege Escalation.This issue affects WP User Switch: from n/a through <= 1.1.3. CVSSv3.1 8.0 (HIGH)
CVE-2024-5325 — Wpvibes Form_vibes: The Form Vibes plugin for WordPress is vulnerable to SQL Injection via the ‘fv_export_data’
The Form Vibes plugin for WordPress is vulnerable to SQL Injection via the ‘fv_export_data’ parameter in all versions up to, and including, 1.4.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from CVSSv3.1 8.8 (HIGH)
CVE-2024-6328 — Inspireui Mstore_api: The MStore API – Create Native Android & iOS Apps On The Cloud plugin
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 4.14.7. This is due to insufficient verification on the 'phone' parameter of the 'firebase_sms_login' and 'firebase_sms_login_v2' functions. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email address or phone numbe CVSSv3.1 9.8 (CRITICAL)
CVE-2024-6353 — Standalonetech Terawallet: The Wallet for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the
The Wallet for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'search[value]' parameter in all versions up to, and including, 1.5.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive informa CVSSv3.1 8.8 (HIGH)
CVE-2024-6666 — Wedevs Wp_erp: The WP ERP plugin for WordPress is vulnerable to SQL Injection via the ‘vendor_id’
The WP ERP plugin for WordPress is vulnerable to SQL Injection via the ‘vendor_id’ and 'status' parameter in all versions up to, and including, 1.13.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Accounting Manager access (erp_ac_view_sales_summary capability) and above, to append additional SQL queries into already existing queries that can b CVSSv3.1 8.8 (HIGH)
CVE-2024-6624 — Parorrey Json_api_user: The JSON API User plugin for WordPress is vulnerable to privilege escalation in all
The JSON API User plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.9.3. This is due to improper controls on custom user meta fields. This makes it possible for unauthenticated attackers to register as administrators on the site. The plugin requires the JSON API plugin to also be installed. CVSSv3.1 9.8 (CRITICAL)
CVE-2024-6397 — Instawp Instawp_connect: The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable
The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 0.1.0.44. This is due to insufficient verification of the API key. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the username, and to perform a variety of other administrative tasks. NOTE: This vulnerability was partially fixed i CVSSv3.1 9.8 (CRITICAL)
CVE-2024-6411 — Metagauss Profilegrid: The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.8.9. This is due to a lack of validation on user-supplied data in the 'pm_upload_image' AJAX action. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update their user capabilities to Administrator. CVSSv3.1 8.8 (HIGH)
CVE-2024-5792 — Houzez: The Houzez CRM plugin for WordPress is vulnerable to time-based SQL Injection via the
The Houzez CRM plugin for WordPress is vulnerable to time-based SQL Injection via the notes ‘belong_to’ parameter in all versions up to, and including, 1.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Custom-level (seller) access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive in CVSSv3.1 8.8 (HIGH)
CVE-2023-7062 — Advanced: The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to Directory Traversal in
The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4. This makes it possible for attackers with contributor access or higher to read the contents of arbitrary files on the server, which can contain sensitive information. CVSSv3.1 8.8 (HIGH)