2024-05-16
2024-05-16 06:15Z
HIGH

CVE-2024-4318 — Themeum Tutor_lms: The Tutor LMS plugin for WordPress is vulnerable to time-based SQL Injection via the

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-4318

The Tutor LMS plugin for WordPress is vulnerable to time-based SQL Injection via the ‘question_id’ parameter in versions up to, and including, 2.7.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Instructor-level permissions and above, to append additional SQL queries into already existing queries that can be used to extract sensitive informatio CVSSv3.1 8.8 (HIGH) · EPSS 71th percentile

CWECWE 89VNDThemeumVNDTutorTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-05-16
2024-05-16 03:15Z
HIGH

CVE-2024-3750 — Visualizer: The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3750

The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to unauthorized modification and retrieval of data due to a missing capability check on the getQueryData() function in all versions up to, and including, 3.10.15. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform arbitrary SQL queries that can be leveraged for privilege escalation among many other actions. CVSSv3.1 8.8 (HIGH) · EPSS 56th percentile

CWECWE 862VNDVisualizerTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-05-15
2024-05-15 13:15Z
HIGH

CVE-2024-4670 — One: The All-in-One Video Gallery plugin for WordPress is vulnerable to Local File Inclusion in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-4670

The All-in-One Video Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.6.5 via the aiovg_search_form shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where i CVSSv3.1 8.8 (HIGH) · EPSS 79th percentile

CWECWE 98VNDOneTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-05-15
2024-05-15 09:15Z
HIGH

CVE-2024-4010 — Email: The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to unauthorized access

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-4010

The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on the handle_ajax_request function in all versions up to, and including, 5.7.19. This makes it possible for authenticated attackers, with subscriber-level access and above, to cause a loss of confidentiality, integrity, and availability, by performing multiple unauthorized actions. Some of these a CVSSv3.1 8.8 (HIGH) · EPSS 68th percentile

CWECWE 862TYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-05-15
2024-05-15 02:15Z
HIGH

CVE-2024-4847 — Alt: The Alt Text AI – Automatically generate image alt text for SEO and accessibility

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-4847

The Alt Text AI – Automatically generate image alt text for SEO and accessibility plugin for WordPress is vulnerable to generic SQL Injection via the ‘last_post_id’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already CVSSv3.1 8.8 (HIGH) · EPSS 57th percentile

CWECWE 89VNDAltTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-05-14
2024-05-14 18:15Z
HIGH

CVE-2024-4367 — Mozilla Firefox: A type check was missing when handling fonts in PDF.js, which would allow arbitrary

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-4367

A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. CVSSv3.1 8.8 (HIGH) · EPSS 97th percentile

CWECWE 754VNDMozillaTYPVulnerability
8.8
CVSS v3.1
100
Edit Score
2024-05-14
2024-05-14 15:44Z
HIGH

CVE-2024-4605 — Breakdance: The Breakdance plugin for WordPress is vulnerable to Remote Code Execution in all versions

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-4605

The Breakdance plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.7.1 via post meta data. This is due to the plugin storing custom data in metadata without an underscore prefix. This makes it possible for lower privileged users, such as contributors, to edit this data via UI. As a result they can escalate their privileges or execute arbitrary code. CVSSv3.1 8.8 (HIGH) · EPSS 96th percentile

CWECWE 94VNDBreakdanceTYPVulnerability
8.8
CVSS v3.1
100
Edit Score
728 × 90 / responsive · programmatic ad slot
2024-05-14
2024-05-14 15:44Z
CRIT

CVE-2024-4560 — Kognetiks: The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-4560

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the chatbot_chatgpt_upload_file_to_assistant function in all versions up to, and including, 1.9.9. This makes it possible for unauthenticated attackers, with to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 9.8 (CRITICAL) · EPSS 94th percentile

CWECWE 434VNDKognetiksTYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2024-05-14
2024-05-14 15:43Z
HIGH

CVE-2024-4441 — XML: The XML Sitemap & Google News plugin for WordPress is vulnerable to Local File

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-4441

The XML Sitemap & Google News plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.4.8 via the 'feed' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded CVSSv3.1 8.1 (HIGH) · EPSS 66th percentile

CWECWE 98TYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2024-05-14
2024-05-14 15:43Z
CRIT

CVE-2024-4434 — Thimpress Learnpress: The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to time-based SQL

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-4434

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘term_id’ parameter in versions up to, and including, 4.2.6.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. CVSSv3.1 9.8 (CRITICAL) · EPSS 99th percentile

CWECWE 89VNDThimpressVNDLearnpressTYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2024-05-14
2024-05-14 15:43Z
CRIT

CVE-2024-4413 — Hotel: The Hotel Booking Lite plugin for WordPress is vulnerable to PHP Object Injection in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-4413

The Hotel Booking Lite plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.11.1 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execu CVSSv3.1 9.8 (CRITICAL) · EPSS 89th percentile

CWECWE 502VNDHotelTYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2024-05-14
2024-05-14 15:43Z
HIGH

CVE-2024-4397 — Thimpress Learnpress: The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to arbitrary file

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-4397

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'save_post_materials' function in versions up to, and including, 4.2.6.5. This makes it possible for authenticated attackers, with Instructor-level permissions and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.8 (HIGH) · EPSS 93th percentile

CWECWE 434VNDThimpressVNDLearnpressTYPVulnerability
8.8
CVSS v3.1
97
Edit Score
2024-05-14
2024-05-14 15:42Z
HIGH

CVE-2024-3954 — Ditty: The Ditty plugin for WordPress is vulnerable to PHP Object Injection in all versions

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3954

The Ditty plugin for WordPress is vulnerable to PHP Object Injection in all versions up to 3.1.38 via deserialization of untrusted input when adding a new ditty. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files CVSSv3.1 8.8 (HIGH) · EPSS 82th percentile

CWECWE 502VNDDittyTYPVulnerability
8.8
CVSS v3.1
95
Edit Score
2024-05-14
2024-05-14 15:42Z
HIGH

CVE-2024-3828 — Spectra: The Spectra Pro plugin for WordPress is vulnerable to privilege escalation in all versions

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3828

The Spectra Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.5. This is due to the plugin allowing lower-privileged users to create registration forms and set the default role to administrator This makes it possible for authenticated attackers, with author-level access and above, to create administrator-level accounts. CVSSv3.1 8.8 (HIGH) · EPSS 34th percentile

CWECWE 269VNDSpectraTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-05-14
2024-05-14 15:42Z
HIGH

CVE-2024-3809 — Porto: The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3809

The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.0.9 via the 'slideshow_type' post meta. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases CVSSv3.1 8.8 (HIGH) · EPSS 56th percentile

CWECWE 98VNDPortoTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-05-14
2024-05-14 15:42Z
HIGH

CVE-2024-3808 — Porto: The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3808

The Porto Theme - Functionality plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.0 via the 'porto_portfolios' shortcode 'portfolio_layout' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or a CVSSv3.1 8.8 (HIGH) · EPSS 61th percentile

CWECWE 98VNDPortoTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-05-14
2024-05-14 15:42Z
HIGH

CVE-2024-3807 — Porto: The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3807

The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via 'porto_page_header_shortcode_type', 'slideshow_type' and 'post_layout' post meta. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achie CVSSv3.1 8.8 (HIGH) · EPSS 91th percentile

CWECWE 98VNDPortoTYPVulnerability
8.8
CVSS v3.1
96
Edit Score
2024-05-14
2024-05-14 15:42Z
CRIT

CVE-2024-3806 — Porto: The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3806

The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via the 'porto_ajax_posts' function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included. CVSSv3.1 9.8 (CRITICAL) · EPSS 98th percentile

CWECWE 98VNDPortoTYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2024-05-14
2024-05-14 15:42Z
HIGH

CVE-2024-3727 — This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3727

A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. CVSSv3.1 8.3 (HIGH)

CWECWE 354TYPVulnerability
8.3
CVSS v3.1
92
Edit Score
2024-05-14
2024-05-14 15:39Z
CRIT

CVE-2024-3070 — Last: The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to PHP Object

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3070

The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input from the LastViewedPosts Cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitr CVSSv3.1 9.8 (CRITICAL) · EPSS 86th percentile

CWECWE 502TYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2024-05-14
2024-05-14 15:39Z
HIGH

CVE-2024-3055 — Unlimited-elements Unlimited_elements_for_elementor: The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-3055

The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.5.102 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor access or higher, to append additional SQL queries into already existing queries that CVSSv3.1 8.8 (HIGH) · EPSS 62th percentile

CWECWE 89VNDUnlimited ElementsVNDUnlimitedTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-05-08
2024-05-08 03:15Z
CRIT

CVE-2024-4393 — Social: The Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-4393

The Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2. This is due to insufficient verification on the OpenID server being supplied during the social login through the plugin. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email. CVSSv3.1 9.8 (CRITICAL) · EPSS 32th percentile

CWECWE 288VNDSocialTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2024-05-07
2024-05-07 15:15Z
CRIT

CVE-2024-33120 — Roothub Roothub: v2.5 was discovered to contain an arbitrary file upload vulnerability via the customPath

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-33120

Roothub v2.5 was discovered to contain an arbitrary file upload vulnerability via the customPath parameter in the upload() function. This vulnerability allows attackers to execute arbitrary code via a crafted JSP file. CVSSv3.1 9.8 (CRITICAL) · EPSS 51th percentile

CWECWE 434VNDRoothubTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2024-05-07
2024-05-07 09:15Z
CRIT

CVE-2024-4346 — Startklar: The Startklar Elementor Addons plugin for WordPress is vulnerable to arbitrary file deletion in

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-4346

The Startklar Elementor Addons plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.7.13. This is due to the plugin not properly validating the path of an uploaded file prior to deleting it. This makes it possible for unauthenticated attackers to delete arbitrary files, including the wp-config.php file, which can make site takeover and remote code execution possible. CVSSv3.1 9.1 (CRITICAL) · EPSS 96th percentile

CWECWE 22VNDStartklarTYPVulnerability
9.1
CVSS v3.1
100
Edit Score
2024-05-07
2024-05-07 09:15Z
CRIT

CVE-2024-4345 — Startklar: The Startklar Elementor Addons plugin for WordPress is vulnerable to arbitrary file uploads due

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-4345

The Startklar Elementor Addons plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'process' function in the 'startklarDropZoneUploadProcess' class in versions up to, and including, 1.7.13. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 9.8 (CRITICAL) · EPSS 95th percentile

CWECWE 434VNDStartklarTYPVulnerability
9.8
CVSS v3.1
100
Edit Score