Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2023-7061 — Advancedfilemanager File_manager_advanced_shortcode: The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to arbitrary file uploads
The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 2.5.3. This makes it possible for authenticated attackers with contributor access or above to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.8 (HIGH)
CVE-2023-48194 — Tenda Ac8_firmware: Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8
Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained. CVSSv3.1 9.8 (CRITICAL) · EPSS 52th percentile
CVE-2024-39171 — Phpvibe Phpvibe: Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which
Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution via writing specific statements to .htaccess and code to a file with a .png suffix. CVSSv3.1 9.8 (CRITICAL) · EPSS 66th percentile
CVE-2024-3596 — Freeradius Freeradius: RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature. CVSSv3.1 9.0 (CRITICAL) · EPSS 95th percentile
CVE-2024-37418 — Church_admin_project Church_admin: Unrestricted Upload of File with Dangerous Type vulnerability in andy_moyle Church Admin church-admin.This issue
Unrestricted Upload of File with Dangerous Type vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.4.6. CVSSv3.1 9.9 (CRITICAL) · EPSS 52th percentile
CVE-2024-6069 — Registration: The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form
The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the pieregister_install_addon function in all versions up to, and including, 3.8.3.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to install arbitrary plugins. As a result att CVSSv3.1 8.8 (HIGH)
CVE-2024-5456 — Panda: The Panda Video plugin for WordPress is vulnerable to Local File Inclusion in all
The Panda Video plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.0 via the 'selected_button' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and oth CVSSv3.1 8.8 (HIGH)
CVE-2024-3604 — Hyumika Openstreetmap: The OSM – OpenStreetMap plugin for WordPress is vulnerable to SQL Injection via the
The OSM – OpenStreetMap plugin for WordPress is vulnerable to SQL Injection via the 'tagged_filter' attribute of the 'osm_map_v3' shortcode in all versions up to, and including, 6.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used CVSSv3.1 9.9 (CRITICAL)
CVE-2024-6321 — ScrollTo: The ScrollTo Bottom plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary
The ScrollTo Bottom plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 1.1.1. This is due to missing nonce validation and missing file type validation in the 'options_page' function. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible via a forged request granted they can trick a site administrator into CVSSv3.1 8.8 (HIGH)
CVE-2024-6320 — ScrollTo: The ScrollTo Top plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary
The ScrollTo Top plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 1.2.2. This is due to missing nonce validation and missing file type validation in the 'options_page' function. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible via a forged request granted they can trick a site administrator into pe CVSSv3.1 8.8 (HIGH)
CVE-2024-6317 — Zealousweb Generate_pdf_using_contact_form_7: The Generate PDF using Contact Form 7 plugin for WordPress is vulnerable to Cross-Site
The Generate PDF using Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 4.1.2. This is due to missing nonce validation and the plugin not properly validating a file or its path prior to deleting it in the 'wp_cf7_pdf_dashboard_html_page' function. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover CVSSv3.1 8.8 (HIGH)
CVE-2024-6316 — Zealousweb Generate_pdf_using_contact_form_7: The Generate PDF using Contact Form 7 plugin for WordPress is vulnerable to Cross-Site
The Generate PDF using Contact Form 7 plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 4.1.2. This is due to missing nonce validation and missing file type validation in the 'wp_cf7_pdf_dashboard_html_page' function. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible via a forged request granted they CVSSv3.1 8.8 (HIGH)
CVE-2024-6314 — Testimonials: The IQ Testimonials plugin for WordPress is vulnerable to arbitrary file uploads due to
The IQ Testimonials plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'process_image_upload' function in versions up to, and including, 2.2.7. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. This can only be exploited if the 'gd' php extension is not loaded on the server. CVSSv3.1 9.8 (CRITICAL)
CVE-2024-6313 — Gutenberg: The Gutenberg Forms plugin for WordPress is vulnerable to arbitrary file uploads due to
The Gutenberg Forms plugin for WordPress is vulnerable to arbitrary file uploads due to the users can specify the allowed file types in the 'upload' function in versions up to, and including, 2.2.9. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 9.8 (CRITICAL)
CVE-2024-6310 — Advanced: The Advanced AJAX Page Loader plugin for WordPress is vulnerable to Cross-Site Request Forgery
The Advanced AJAX Page Loader plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 2.7.7. This is due to missing nonce validation in the 'admin_init_AAPL' function and missing file type validation in the 'AAPL_options_validate' function. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible via a forged req CVSSv3.1 8.8 (HIGH)
CVE-2024-6309 — Attachment: The Attachment File Icons (AF Icons) plugin for WordPress is vulnerable to Cross-Site Request
The Attachment File Icons (AF Icons) plugin for WordPress is vulnerable to Cross-Site Request Forgery to Arbitrary File Upload in versions up to, and including, 1.3. This is due to missing nonce validation in the 'afi_overview' function and missing file type validation in the 'upload_icons' function. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible via a forged request gr CVSSv3.1 8.8 (HIGH)
CVE-2024-6161 — Default: The Default Thumbnail Plus plugin for WordPress is vulnerable to arbitrary file uploads due
The Default Thumbnail Plus plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'get_cache_image' function in all versions up to, and including, 1.0.2.3. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.8 (HIGH)
CVE-2024-37555 — Zealousweb Generate_pdf_using_contact_form_7: Unrestricted Upload of File with Dangerous Type vulnerability in ZealousWeb Generate PDF using Contact
Unrestricted Upload of File with Dangerous Type vulnerability in ZealousWeb Generate PDF using Contact Form 7 generate-pdf-using-contact-form-7.This issue affects Generate PDF using Contact Form 7: from n/a through <= 4.1.2. CVSSv3.1 9.1 (CRITICAL)
CVE-2024-5441 — Webnus Modern_events_calendar: The Modern Events Calendar plugin for WordPress is vulnerable to arbitrary file uploads due
The Modern Events Calendar plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the set_featured_image function in all versions up to, and including, 7.11.0. This makes it possible for authenticated attackers, with subscriber access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. The plugin allows administrators (via its settings) to extend the ability to submit ev CVSSv3.1 8.8 (HIGH)
CVE-2024-6166 — Unlimited-elements Unlimited_elements_for_elementor_\(free_widgets\,_addons\,_templ: The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vuln
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to time-based SQL Injection via the ‘addons_order’ parameter in all versions up to, and including, 1.5.112 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above and granted plugin setting edit permissions by an ad CVSSv3.1 8.8 (HIGH)
CVE-2024-6365 — Product: The Product Table by WBW plugin for WordPress is vulnerable to Remote Code Execution
The Product Table by WBW plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.1 via the 'saveCustomTitle' function. This is due to missing authorization and lack of sanitization of appended data in the languages/customTitle.php file. This makes it possible for unauthenticated attackers to execute code on the server. CVSSv3.1 9.8 (CRITICAL)
CVE-2024-5793 — Houzez: The Houzez Theme - Functionality plugin for WordPress is vulnerable to SQL Injection via
The Houzez Theme - Functionality plugin for WordPress is vulnerable to SQL Injection via the ‘currency_code’ parameter in all versions up to, and including, 3.2.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Custom-level (seller) access and above, to append additional SQL queries into already existing queries that can be used to extract sensiti CVSSv3.1 8.8 (HIGH)
CVE-2024-5943 — Kylephillips Nested_pages: The Nested Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all
The Nested Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.7. This is due to missing or incorrect nonce validation on the 'settingsPage' function and missing santization of the 'tab' parameter. This makes it possible for unauthenticated attackers to call local php files via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH)
CVE-2024-6319 — Wbolt Imgspider: The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing
The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload' function in all versions up to, and including, 2.3.10. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.8 (HIGH)
CVE-2024-6318 — Wbolt Imgspider: The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing
The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload_img_file' function in all versions up to, and including, 2.3.10. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.8 (HIGH)