2024-06-20
2024-06-20 04:15Z
HIGH

CVE-2024-5605 — Davidlingren Media_library_assistant: The Media Library Assistant plugin for WordPress is vulnerable to time-based SQL Injection via

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-5605

The Media Library Assistant plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter within the mla_tag_cloud Shortcode in all versions up to, and including, 3.16 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that c CVSSv3.1 8.8 (HIGH)

CWECWE 89VNDDavidlingrenVNDMediaTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-06-20
2024-06-20 02:15Z
CRIT

CVE-2024-5432 — Webinane Lifeline_donation: The Lifeline Donation plugin for WordPress is vulnerable to authentication bypass in versions up

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-5432

The Lifeline Donation plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2.6. This is due to insufficient verification on the user being supplied during the checkout through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. CVSSv3.1 9.8 (CRITICAL)

CWECWE 288CWECWE 287VNDWebinaneVNDLifelineTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2024-06-20
2024-06-20 02:15Z
CRIT

CVE-2024-3605 — Thimpress Wp_hotel_booking: The WP Hotel Booking plugin for WordPress is vulnerable to SQL Injection via the

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3605

The WP Hotel Booking plugin for WordPress is vulnerable to SQL Injection via the 'room_type' parameter of the /wphb/v1/rooms/search-rooms REST API endpoint in all versions up to, and including, 2.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive inf CVSSv3.1 10.0 (CRITICAL)

CWECWE 89VNDThimpressVNDHotelTYPVulnerability
10.0
CVSS v3.1
100
Edit Score
2024-06-20
2024-06-20 02:15Z
HIGH

CVE-2024-3562 — Custom_field_suite_project Custom_field_suite: The Custom Field Suite plugin for WordPress is vulnerable to PHP Code Injection in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3562

The Custom Field Suite plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 2.6.7 via the Loop custom field. This is due to insufficient sanitization of input prior to being used in a call to the eval() function. This makes it possible for authenticated attackers, with contributor-level access and above, to execute arbitrary PHP code on the server. CVSSv3.1 8.8 (HIGH)

CWECWE 94CWECWE 95VNDCustom Field Suite ProjectVNDCustomTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-06-20
2024-06-20 02:15Z
HIGH

CVE-2024-3561 — Custom_field_suite_project Custom_field_suite: The Custom Field Suite plugin for WordPress is vulnerable to SQL Injection via the

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3561

The Custom Field Suite plugin for WordPress is vulnerable to SQL Injection via the the 'Term' custom field in all versions up to, and including, 2.6.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information CVSSv3.1 8.8 (HIGH)

CWECWE 89VNDCustom Field Suite ProjectVNDCustomTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-06-19
2024-06-19 14:15Z
CRIT

CVE-2024-38612 — Linux Linux_kernel: This issue exist since commit 46738b1317e1 ("ipv6: sr: add option to control lwtunnel support")

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-38612

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6_init() is wrong in case CONFIG_IPV6_SEG6_LWTUNNEL is not defined. In that case if seg6_hmac_init() fails, the genl_unregister_family() isn't called. This issue exist since commit 46738b1317e1 ("ipv6: sr: add option to control lwtunnel support"), and commit 5559cea2d5aa ("ipv6: sr: fix possible use-after-free and null-ptr-deref") replaced un CVSSv3.1 9.8 (CRITICAL) · EPSS 37th percentile

CWECWE 416CWECWE 476TYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2024-06-19
2024-06-19 06:15Z
HIGH

CVE-2024-6132 — Pexels: The Pexels: Free Stock Photos plugin for WordPress is vulnerable to arbitrary file uploads

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-6132

The Pexels: Free Stock Photos plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'pexels_fsp_images_options_validate' function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.8 (HIGH)

CWECWE 434VNDPexelsTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
728 × 90 / responsive · programmatic ad slot
2024-06-19
2024-06-19 06:15Z
CRIT

CVE-2024-5853 — Sirv Sirv: The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-5853

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sirv_upload_file_by_chanks AJAX action in all versions up to, and including, 7.2.6. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 9.9 (CRITICAL)

CWECWE 434VNDSirvVNDImageTYPVulnerability
9.9
CVSS v3.1
100
Edit Score
2024-06-19
2024-06-19 06:15Z
HIGH

CVE-2024-5343 — Photo: The Photo Gallery, Images, Slider in Rbs Image Gallery plugin for WordPress is vulnerable

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-5343

The Photo Gallery, Images, Slider in Rbs Image Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.19. This is due to missing or incorrect nonce validation on the 'rbs_ajax_create_article' and 'rbs_ajax_reset_views' functions. This makes it possible for unauthenticated attackers to create new posts and reset gallery view counts via a forged request granted they can trick a Contributor+ level user into performing a CVSSv3.1 8.8 (HIGH)

CWECWE 352TYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-06-19
2024-06-19 05:15Z
CRIT

CVE-2024-3229 — Salonbookingsystem Salon_booking_system: The Salon booking system plugin for WordPress is vulnerable to arbitrary file uploads due

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3229

The Salon booking system plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the SLN_Action_Ajax_ImportAssistants function along with missing authorization checks in all versions up to, and including, 10.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 9.8 (CRITICAL)

CWECWE 434VNDSalonbookingsystemVNDSalonTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2024-06-19
2024-06-19 04:15Z
HIGH

CVE-2024-5724 — Webhuntinfotech Photo_video_gallery_master: The Photo Video Gallery Master plugin for WordPress is vulnerable to PHP Object Injection

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-5724

The Photo Video Gallery Master plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.5.3 via deserialization of untrusted input 'PVGM_all_photos_details' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it CVSSv3.1 8.8 (HIGH)

CWECWE 502VNDWebhuntinfotechTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-06-19
2024-06-19 04:15Z
CRIT

CVE-2024-5021 — WordPress: The WordPress Picture / Portfolio / Media Gallery plugin for WordPress is vulnerable to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-5021

The WordPress Picture / Portfolio / Media Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.0.1 via the 'file_get_contents' function. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. CVSSv3.1 9.3 (CRITICAL)

CWECWE 918VNDWordpressTYPVulnerability
9.3
CVSS v3.1
97
Edit Score
2024-06-19
2024-06-19 04:15Z
HIGH

CVE-2024-2381 — Ali2woo Aliexpress_dropshipping_with_alinext: The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary file

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-2381

The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_save_image function in all versions up to, and including, 3.3.5. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.8 (HIGH)

CWECWE 434VNDAli2wooVNDAliexpressTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-06-19
2024-06-19 02:15Z
HIGH

CVE-2024-6125 — Login: The Login with phone number plugin for WordPress is vulnerable to unauthorized password resets

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-6125

The Login with phone number plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 1.7.34. This is due to the plugin generating too weak a reset code, and the code used to reset the password has no attempt or time limit. This makes it possible for unauthenticated attackers to reset the password of arbitrary users by guessing a 6-digit numeric reset code. CVSSv3.1 8.1 (HIGH)

CWECWE 640VNDLoginTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2024-06-18
2024-06-18 20:15Z
HIGH

CVE-2024-37821 — Dolibarr Dolibarr_erp\/crm: An arbitrary file upload vulnerability in the Upload Template function of Dolibarr ERP CRM

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-37821

An arbitrary file upload vulnerability in the Upload Template function of Dolibarr ERP CRM up to v19.0.1 allows attackers to execute arbitrary code via uploading a crafted .SQL file. CVSSv3.1 8.8 (HIGH) · EPSS 51th percentile

CWECWE 94VNDDolibarrTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-06-17
2024-06-17 21:15Z
CRIT

CVE-2023-37058 — Unionman Jlink_ax1800_firmware: Ltd Jlink AX1800 v.1.0 allows a remote attacker to escalate privileges via a crafted

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-37058

Insecure Permissions vulnerability in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to escalate privileges via a crafted command. CVSSv3.1 9.8 (CRITICAL) · EPSS 47th percentile

CWECWE 269VNDUnionmanTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2024-06-17
2024-06-17 21:15Z
CRIT

CVE-2023-37057 — JLINK: Ltd Jlink AX1800 v.1.0 allows a remote attacker to execute arbitrary code via the

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-37057

An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to execute arbitrary code via the router's authentication mechanism. CVSSv3.1 9.8 (CRITICAL) · EPSS 56th percentile

CWECWE 288VNDJlinkTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2024-06-17
2024-06-17 19:15Z
CRIT

CVE-2024-36543 — Incorrect: access control in the Kafka Connect REST API in the STRIMZI Project 0.41.0

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-36543

Incorrect access control in the Kafka Connect REST API in the STRIMZI Project 0.41.0 and earlier allows an attacker to deny the service for Kafka Mirroring, potentially mirror the topics' content to his Kafka cluster via a malicious connector (bypassing Kafka ACL if it exists), and potentially steal Kafka SASL credentials, by querying the MirrorMaker Kafka REST API. CVSSv3.1 9.8 (CRITICAL) · EPSS 41th percentile

CWECWE 400TYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2024-06-15
2024-06-15 09:15Z
CRIT

CVE-2024-4258 — Yotuwp Video_gallery: The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-4258

The Video Gallery – YouTube Playlist, Channel Gallery by YotuWP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3.13 via the settings parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and oth CVSSv3.1 9.8 (CRITICAL)

CWECWE 98VNDYotuwpVNDVideoTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2024-06-15
2024-06-15 09:15Z
CRIT

CVE-2024-3105 — Woody: The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3105

The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.5.0 via the 'insert_php' shortcode. This is due to the plugin not restricting the usage of the functionality to high level authorized users. This makes it possible for authenticated attackers, with contributor-level access and above, to execute code on the server. CVSSv3.1 9.9 (CRITICAL)

CWECWE 94VNDWoodyTYPVulnerability
9.9
CVSS v3.1
100
Edit Score
2024-06-15
2024-06-15 04:15Z
CRIT

CVE-2024-5871 — Wpwebelite Woocommerce_social_login: The WooCommerce - Social Login plugin for WordPress is vulnerable to PHP Object Injection

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-5871

The WooCommerce - Social Login plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.6.2 via deserialization of untrusted input from the 'woo_slg_verify' vulnerable parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to d CVSSv3.1 9.8 (CRITICAL)

CWECWE 502VNDWpwebeliteVNDWoocommerceTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2024-06-15
2024-06-15 02:15Z
HIGH

CVE-2024-3813 — Tagdiv Tagdiv_composer: The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3813

The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8 via the 'td_block_title' shortcode 'block_template_id' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code exe CVSSv3.1 8.8 (HIGH)

CWECWE 98VNDTagdivVNDComposerTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-06-15
2024-06-15 02:15Z
HIGH

CVE-2023-6696 — Sygnoos Popup_builder: plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-6696

The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on several functions in all versions up to, and including, 4.3.1. While some functions contain a nonce check, the nonce can be obtained from the profile page of a logged-in user. This allows subscribers to perform several actions including deleting subscribers and perform blind Server-Side CVSSv3.1 8.1 (HIGH)

CWECWE 862VNDSygnoosTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2024-06-14
2024-06-14 13:15Z
HIGH

CVE-2024-2024 — Folders: The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-2024

The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_folders_file_upload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.8 (HIGH)

CWECWE 22TYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-06-14
2024-06-14 10:15Z
CRIT

CVE-2024-2472 — Latepoint Latepoint: The LatePoint Plugin plugin for WordPress is vulnerable to unauthorized access of data and

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-2472

The LatePoint Plugin plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the 'start_or_use_session_for_customer' function in all versions up to and including 4.9.9. This makes it possible for unauthenticated attackers to view other customer's cabinets, including the ability to view PII such as email addresses and to change their LatePoint user password, which may or may not be associated with a WordPr CVSSv3.1 9.1 (CRITICAL)

CWECWE 639VNDLatepointTYPVulnerability
9.1
CVSS v3.1
96
Edit Score