2024-03-13
2024-03-13 16:15Z
HIGH

CVE-2024-1311 — Brizy Brizy: The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-1311

The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the storeImages function in all versions up to, and including, 2.4.40. This makes it possible for authenticated attackers, with contributor access or above, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.8 (HIGH) · EPSS 93th percentile

CWECWE 434VNDBrizyTYPVulnerability
8.8
CVSS v3.1
97
Edit Score
2024-03-13
2024-03-13 16:15Z
HIGH

CVE-2024-1203 — Conversios Conversios: The Conversios – Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-1203

The Conversios – Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag Manager For WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'valueData' parameter in all versions up to, and including, 7.0.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into a CVSSv3.1 8.8 (HIGH) · EPSS 72th percentile

CWECWE 89VNDConversiosTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-03-13
2024-03-13 16:15Z
HIGH

CVE-2024-0683 — Autopolis Bulgarisation_for_woocommerce: The Bulgarisation for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-0683

The Bulgarisation for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions in all versions up to, and including, 3.0.14. This makes it possible for unauthenticated and authenticated attackers, with subscriber-level access and above, to generate and delete labels. CVSSv3.1 7.3 (HIGH) · EPSS 96th percentile

CWECWE 862VNDAutopolisVNDBulgarisationTYPVulnerability
7.3
CVSS v3.1
94
Edit Score
2024-03-13
2024-03-13 16:15Z
HIGH

CVE-2024-0368 — Wpmudev Hustle: The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-0368

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.8.3 via hardcoded API Keys. This makes it possible for unauthenticated attackers to extract sensitive data including PII. CVSSv3.1 8.6 (HIGH) · EPSS 82th percentile

CWECWE 522VNDWpmudevVNDHustleTYPVulnerability
8.6
CVSS v3.1
94
Edit Score
2024-03-13
2024-03-13 16:15Z
CRIT

CVE-2023-6825 — Mndpsingh287 File_manager: The File Manager and File Manager Pro plugins for WordPress are vulnerable to Directory

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-6825

The File Manager and File Manager Pro plugins for WordPress are vulnerable to Directory Traversal in versions up to, and including version 7.2.1 (free version) and 8.3.4 (Pro version) via the target parameter in the mk_file_folder_manager_action_callback_shortcode function. This makes it possible for attackers to read the contents of arbitrary files on the server, which can contain sensitive information and to upload files into directories other than the intended directory f CVSSv3.1 9.9 (CRITICAL) · EPSS 98th percentile

CWECWE 22CWECWE 23VNDMndpsingh287TYPVulnerability
9.9
CVSS v3.1
100
Edit Score
2024-03-13
2024-03-13 16:15Z
HIGH

CVE-2023-5663 — Storeapps News_announcement_scroll: The News Announcement Scroll plugin for WordPress is vulnerable to SQL Injection via the

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-5663

The News Announcement Scroll plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with contributor-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information f CVSSv3.1 8.8 (HIGH) · EPSS 54th percentile

CWECWE 89VNDStoreappsTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-03-13
2024-03-13 10:15Z
HIGH

CVE-2024-2123 — Ultimatemember Ultimate_member: The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-2123

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the several parameters in all versions up to, and including, 2.8.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. CVSSv3.1 7.2 (HIGH) · EPSS 97th percentile

CWECWE 79VNDUltimatememberVNDUltimateTYPVulnerability
7.2
CVSS v3.1
95
Edit Score
728 × 90 / responsive · programmatic ad slot
2024-03-12
2024-03-12 15:15Z
HIGH

CVE-2023-42790 — Fortinet Fortiproxy: A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-42790

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0.0 through 7.0.12, FortiOS 6.4.0 through 6.4.14, FortiOS 6.2.0 through 6.2.15, FortiProxy 7.4.0, FortiProxy 7.2.0 through 7.2.6, FortiProxy 7.0.0 through 7.0.12, FortiProxy 2.0.0 through 2.0.13, FortiSASE 23.2.b allows attacker to execute unauthorized code or commands via specially crafted HTTP requests. CVSSv3.1 8.1 (HIGH) · EPSS 61th percentile

CWECWE 121VNDFortinetTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2024-03-12
2024-03-12 15:15Z
CRIT

CVE-2023-42789 — Fortinet Fortiproxy: A out-of-bounds write vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.5

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-42789

A out-of-bounds write vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0.0 through 7.0.12, FortiOS 6.4.0 through 6.4.14, FortiOS 6.2.0 through 6.2.15, FortiProxy 7.4.0, FortiProxy 7.2.0 through 7.2.6, FortiProxy 7.0.0 through 7.0.12, FortiProxy 2.0.0 through 2.0.13, FortiSASE 23.2.b allows attacker to execute unauthorized code or commands via specially crafted HTTP requests. CVSSv3.1 9.8 (CRITICAL) · EPSS 87th percentile

CWECWE 787VNDFortinetTYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2024-03-07
2024-03-07 21:15Z
HIGH

CVE-2024-1986 — Booster Booster_for_woocommerce: The Booster Elite for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-1986

The Booster Elite for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wc_add_new_product() function in all versions up to, and including, 7.1.7. This makes it possible for customer-level attackers, and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. This is only exploitable when the user product upload functionality is enabled. CVSSv3.1 8.8 (HIGH) · EPSS 93th percentile

CWECWE 434VNDBoosterTYPVulnerability
8.8
CVSS v3.1
97
Edit Score
2024-03-07
2024-03-07 19:15Z
HIGH

CVE-2024-1773 — Acowebs Pdf_invoices_and_packing_slips_for_woocommerce: The PDF Invoices and Packing Slips For WooCommerce plugin for WordPress is vulnerable to

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-1773

The PDF Invoices and Packing Slips For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.7 via deserialization of untrusted input via the order_id parameter. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target sys CVSSv3.1 8.8 (HIGH) · EPSS 65th percentile

CWECWE 502CWECWE 74VNDAcowebsVNDPdfTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-03-07
2024-03-07 11:15Z
HIGH

CVE-2024-1170 — Themekraft Post_form: The Post Form – Registration Form – Profile Form for User Profiles – Frontend

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-1170

The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to unauthorized media file deletion due to a missing capability check on the handle_deleted_media function in all versions up to, and including, 2.8.7. This makes it possible for unauthenticated attackers to delete arbitrary media files. CVSSv3.1 8.2 (HIGH) · EPSS 66th percentile

CWECWE 862VNDThemekraftVNDPostTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2024-03-07
2024-03-07 09:15Z
HIGH

CVE-2024-1382 — Nicdarkthemes Restaurant_reservations: The Restaurant Reservations plugin for WordPress is vulnerable to Local File Inclusion in all

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-1382

The Restaurant Reservations plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9 via the nd_rst_layout attribute of the nd_rst_search shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary PHP files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve cod CVSSv3.1 8.8 (HIGH) · EPSS 76th percentile

CWECWE 98VNDNicdarkthemesVNDRestaurantTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-03-07
2024-03-07 01:15Z
HIGH

CVE-2024-26566 — Iscute Cute_http_file_server: An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-26566

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component. CVSSv3.1 8.2 (HIGH) · EPSS 44th percentile

CWECWE 288VNDIscuteVNDCuteTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2024-03-07
2024-03-07 01:15Z
HIGH

CVE-2023-47415 — Cypress Ctm-200_firmware: Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-47415

Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vulnerability via the cli_text parameter. CVSSv3.1 7.5 (HIGH) · EPSS 97th percentile

CWECWE 78VNDCypressTYPVulnerability
7.5
CVSS v3.1
92
Edit Score
2024-03-06
2024-03-06 19:15Z
CRIT

CVE-2024-27304 — Jackc Pgproto3: SQL injection can occur if an attacker can cause a single query or bind

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-27304

pgx is a PostgreSQL driver and toolkit for Go. SQL injection can occur if an attacker can cause a single query or bind message to exceed 4 GB in size. An integer overflow in the calculated message size can cause the one large message to be sent as multiple messages under the attacker's control. The problem is resolved in v4.18.2 and v5.5.4. As a workaround, reject user input large enough to cause a single query or bind message to exceed 4 GB in size. CVSSv3.1 9.8 (CRITICAL) · EPSS 83th percentile

CWECWE 89CWECWE 190VNDPostgresqlVNDJackcTYPVulnerability
9.8
CVSS v3.1
100
Edit Score
2024-03-06
2024-03-06 19:15Z
HIGH

CVE-2024-27289 — Jackc Pgx: Prior to version 4.18.2, SQL injection can occur when all of the following conditions

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-27289

pgx is a PostgreSQL driver and toolkit for Go. Prior to version 4.18.2, SQL injection can occur when all of the following conditions are met: the non-default simple protocol is used; a placeholder for a numeric value must be immediately preceded by a minus; there must be a second placeholder for a string value after the first placeholder; both must be on the same line; and both parameter values must be user-controlled. The problem is resolved in v4.18.2. As a workaround, do n CVSSv3.1 8.1 (HIGH) · EPSS 70th percentile

CWECWE 89VNDPostgresqlVNDJackcTYPVulnerability
8.1
CVSS v3.1
91
Edit Score
2024-03-05
2024-03-05 13:15Z
CRIT

CVE-2023-7103 — Zksoftware Uface_5: Authentication Bypass by Primary Weakness vulnerability in ZKSoftware Biometric Security Solutions UFace 5 allows

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2023-7103

Authentication Bypass by Primary Weakness vulnerability in ZKSoftware Biometric Security Solutions UFace 5 allows Authentication Bypass. This issue affects UFace 5: through 12022024. CVSSv3.1 9.8 (CRITICAL) · EPSS 6th percentile

CWECWE 305VNDZksoftwareTYPVulnerability
9.8
CVSS v3.1
99
Edit Score
2024-03-05
2024-03-05 02:15Z
HIGH

CVE-2024-1731 — Rymera Auto_refresh_single_page: The Auto Refresh Single Page plugin for WordPress is vulnerable to PHP Object Injection

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-1731

The Auto Refresh Single Page plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1 via deserialization of untrusted input from the arsp_options post meta option. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it cou CVSSv3.1 8.8 (HIGH) · EPSS 79th percentile

CWECWE 502VNDRymeraVNDAutoTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-03-05
2024-03-05 02:15Z
HIGH

CVE-2024-0825 — Davekiss Vimeography: The Vimeography: Vimeo Video Gallery WordPress Plugin plugin for WordPress is vulnerable to PHP

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-0825

The Vimeography: Vimeo Video Gallery WordPress Plugin plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.3.2 via deserialization of untrusted input via the vimeography_duplicate_gallery_serialized in the duplicate_gallery function. This makes it possible for authenticated attackers attackers, with contributor access or higher, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via CVSSv3.1 8.8 (HIGH) · EPSS 78th percentile

CWECWE 502VNDDavekissVNDVimeographyTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-03-01
2024-03-01 07:15Z
HIGH

CVE-2024-1859 — Awplife Slider_responsive_slideshow: The Slider Responsive Slideshow – Image slider, Gallery slideshow plugin for WordPress is vulnerable

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-1859

The Slider Responsive Slideshow – Image slider, Gallery slideshow plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.8 via deserialization of untrusted input to the awl_slider_responsive_shortcode function. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin CVSSv3.1 8.8 (HIGH) · EPSS 73th percentile

CWECWE 502VNDAwplifeVNDSliderTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-02-29
2024-02-29 04:15Z
HIGH

CVE-2024-1468 — Theme-fusion Avada: The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-1468

The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_import_options() function in all versions up to, and including, 7.11.4. This makes it possible for authenticated attackers, with contributor-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. CVSSv3.1 8.8 (HIGH) · EPSS 88th percentile

CWECWE 434VNDTheme FusionVNDAvadaTYPVulnerability
8.8
CVSS v3.1
95
Edit Score
2024-02-29
2024-02-29 01:43Z
HIGH

CVE-2024-1317 — Themeisle Rss_aggregator_by_feedzy: The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-1317

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to SQL Injection via the ‘search_key’ parameter in all versions up to, and including, 4.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with contributor access and above, to append additional SQL queries into already CVSSv3.1 8.8 (HIGH) · EPSS 68th percentile

CWECWE 89VNDThemeisleVNDRssTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-02-29
2024-02-29 01:43Z
HIGH

CVE-2024-1206 — Bootstrapped Wp_recipe_maker: The WP Recipe Maker plugin for WordPress is vulnerable to SQL Injection via the

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-1206

The WP Recipe Maker plugin for WordPress is vulnerable to SQL Injection via the 'recipes' parameter in all versions up to, and including, 9.1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the CVSSv3.1 8.8 (HIGH) · EPSS 71th percentile

CWECWE 89VNDBootstrappedVNDRecipeTYPVulnerability
8.8
CVSS v3.1
94
Edit Score
2024-02-29
2024-02-29 01:43Z
MED

CVE-2024-0590 — Microsoft Clarity: The Microsoft Clarity plugin for WordPress is vulnerable to Cross-Site Request Forgery in all

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2024-0590

The Microsoft Clarity plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.9.3. This is due to missing nonce validation on the edit_clarity_project_id() function. This makes it possible for unauthenticated attackers to change the project id and add malicious JavaScript via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 6.1 (MEDIUM) · EPSS 96th percentile

CWECWE 352VNDMicrosoftTYPVulnerability
6.1
CVSS v3.1
88
Edit Score