Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2024-1974 — Hasthemes Ht_mega: The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.6 via the render function. This makes it possible for authenticated attackers, with contributor access or higher, to read the contents of arbitrary files on the server, which can contain sensitive information. CVSSv3.1 8.8 (HIGH) · EPSS 86th percentile
CVE-2024-1893 — Realestateconnected Easy_property_listings: The Easy Property Listings plugin for WordPress is vulnerable to time-based SQL Injection via
The Easy Property Listings plugin for WordPress is vulnerable to time-based SQL Injection via the ‘property_status’ shortcode attribute in all versions up to, and including, 3.5.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor access and above, to append additional SQL queries into already existing queries that can be used to extract CVSSv3.1 8.8 (HIGH) · EPSS 62th percentile
CVE-2024-1813 — Presstigers Simple_job_board: The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in
The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.11.0 via deserialization of untrusted input in the job_board_applicant_list_columns_value function. This makes it possible for unauthenticated attackers to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute CVSSv3.1 9.8 (CRITICAL) · EPSS 92th percentile
CVE-2024-1315 — Radiustheme Classified_listing: The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is
The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.4. This is due to missing or incorrect nonce validation on the 'rtcl_update_user_account' function. This makes it possible for unauthenticated attackers to change the administrator user's password and email address via a forged request granted they can trick a site administrator into performing an action CVSSv3.1 8.8 (HIGH) · EPSS 69th percentile
CVE-2023-6999 — Podsfoundation Pods: The Pods – Custom Content Types and Fields plugin for WordPress is vulnerable to
The Pods – Custom Content Types and Fields plugin for WordPress is vulnerable to Remote Code Exxecution via shortcode in all versions up to, and including, 3.0.10 (with the exception of 2.7.31.2, 2.8.23.2, 2.9.19.2). This makes it possible for authenticated attackers, with contributor level access or higher, to execute code on the server. CVSSv3.1 8.8 (HIGH) · EPSS 79th percentile
CVE-2023-6967 — Podsfoundation Pods: The Pods – Custom Content Types and Fields plugin for WordPress is vulnerable to
The Pods – Custom Content Types and Fields plugin for WordPress is vulnerable to SQL Injection via shortcode in all versions up to, and including, 3.0.10 (with the exception of 2.7.31.2, 2.8.23.2, 2.9.19.2) due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor level access or higher, to append additional SQL queries into already existing qu CVSSv3.1 8.8 (HIGH) · EPSS 63th percentile
CVE-2023-6964 — Kadencewp Gutenberg_blocks_with_ai: The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is
The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.26 via the 'kadence_import_get_new_connection_data' AJAX action. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services CVSSv3.1 8.5 (HIGH) · EPSS 57th percentile
CVE-2024-31370 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CodeIsAwesome AIKit aikit-wordpress-ai-writing-assistant-using-gpt3.This issue affects AIKit: from n/a through <= 4.14.1. CVSSv3.1 8.5 (HIGH) · EPSS 30th percentile
CVE-2024-22949 — Jfree Jfreechart: v1.5.4 was discovered to contain a NullPointerException via the component /chart/annotations/CategoryLineAnnotation.
JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /chart/annotations/CategoryLineAnnotation. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification. CVSSv3.1 9.1 (CRITICAL) · EPSS 51th percentile
CVE-2024-23086 — Mikkotommila Apfloat: v1.10.1 was discovered to contain a stack overflow via the component org.apfloat.internal.DoubleModMath::modPow(double.
Apfloat v1.10.1 was discovered to contain a stack overflow via the component org.apfloat.internal.DoubleModMath::modPow(double. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification. CVSSv3.1 9.8 (CRITICAL)
CVE-2024-23078 — JGraphT: Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double).
JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification. CVSSv3.1 9.1 (CRITICAL) · EPSS 51th percentile
CVE-2024-31280 — Church_admin_project Church_admin: Unrestricted Upload of File with Dangerous Type vulnerability in andy_moyle Church Admin church-admin.This issue
Unrestricted Upload of File with Dangerous Type vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.5. CVSSv3.1 9.9 (CRITICAL) · EPSS 63th percentile
CVE-2023-6523 — Authorization: Bypass Through User-Controlled Key vulnerability in ExtremePacs Extreme XDS allows Authentication Abuse.
Authorization Bypass Through User-Controlled Key vulnerability in ExtremePacs Extreme XDS allows Authentication Abuse. This issue affects Extreme XDS: before 3914. CVSSv3.1 8.8 (HIGH) · EPSS 9th percentile
CVE-2024-3217 — Wpdirectorykit Wp_directory_kit: The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the
The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value' and 'attribute_id' parameters in all versions up to, and including, 1.3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract s CVSSv3.1 8.8 (HIGH) · EPSS 98th percentile
CVE-2024-2115 — Thimpress Learnpress: The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Cross-Site Request
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.0.0. This is due to missing or incorrect nonce validation on the filter_users functions. This makes it possible for unauthenticated attackers to elevate their privileges to that of a teacher via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 51th percentile
CVE-2024-2008 — Modal: The Modal Popup Box – Popup Builder, Show Offers And News in Popup plugin
The Modal Popup Box – Popup Builder, Show Offers And News in Popup plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.5.2 via deserialization of untrusted input in the awl_modal_popup_box_shortcode function. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow CVSSv3.1 8.8 (HIGH) · EPSS 71th percentile
CVE-2024-29477 — Dolibarr Dolibarr_erp\/crm: Lack of sanitization during Installation Process in Dolibarr ERP CRM up to version 19.0.0
Lack of sanitization during Installation Process in Dolibarr ERP CRM up to version 19.0.0 allows an attacker with adjacent access to the network to execute arbitrary code via a specifically crafted input. CVSSv3.1 8.8 (HIGH) · EPSS 52th percentile
CVE-2024-27972 — Control: Improper Control of Generation of Code ('Code Injection') vulnerability in Jack Arturo WP Fusion
Improper Control of Generation of Code ('Code Injection') vulnerability in Jack Arturo WP Fusion Lite wp-fusion-lite.This issue affects WP Fusion Lite: from n/a through <= 3.41.24. CVSSv3.1 9.9 (CRITICAL) · EPSS 95th percentile
CVE-2024-27191 — Control: Improper Control of Generation of Code ('Code Injection') vulnerability in inpersttion Slivery Extender slivery-extender
Improper Control of Generation of Code ('Code Injection') vulnerability in inpersttion Slivery Extender slivery-extender allows Remote Code Inclusion.This issue affects Slivery Extender: from n/a through <= 1.0.2. CVSSv3.1 8.5 (HIGH) · EPSS 47th percentile
CVE-2024-25918 — Instawp Instawp_connect: Improper Control of Generation of Code ('Code Injection') vulnerability in InstaWP InstaWP Connect instawp-connect.This
Improper Control of Generation of Code ('Code Injection') vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.8. CVSSv3.1 9.9 (CRITICAL) · EPSS 73th percentile
CVE-2024-30166 — Trustedfirmware Mbed_tls: In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information
In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read (of less than 256 bytes) in a TLS 1.3 server via a TLS 3.1 ClientHello. CVSSv3.1 9.1 (CRITICAL) · EPSS 58th percentile
CVE-2024-31094 — Filter: A vulnerability in websupporter Filter Custom Fields & Taxonomies Light filter-custom-fields-taxonomies-light.This issue affects Filter
A vulnerability in websupporter Filter Custom Fields & Taxonomies Light filter-custom-fields-taxonomies-light.This issue affects Filter Custom Fields & Taxonomies Light: from n/a through <= 1.05. CVSSv3.1 8.5 (HIGH) · EPSS 63th percentile
CVE-2024-3018 — Wpdeveloper Essential_addons_for_elementor: The Essential Addons for Elementor plugin for WordPress is vulnerable to PHP Object Injection
The Essential Addons for Elementor plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.9.13 via deserialization of untrusted input from the 'error_resetpassword' attribute of the "Login | Register Form" widget (disabled by default). This makes it possible for authenticated attackers, with author-level access and above, to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target syst CVSSv3.1 8.8 (HIGH) · EPSS 78th percentile
CVE-2024-2086 — Integrate: The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage
The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple AJAX in all versions up to, and including, 1.3.8. This makes it possible for authenticated attackers to modify plugin settings as well as allowing full read/write/delete access to the CVSSv3.1 10.0 (CRITICAL) · EPSS 79th percentile
CVE-2024-2047 — Wpmet Elements_kit_elementor_addons: The ElementsKit Elementor addons plugin for WordPress is vulnerable to Local File Inclusion in
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.0.6 via the render_raw function. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where image CVSSv3.1 8.8 (HIGH) · EPSS 82th percentile