Lista CVE - 2024 / Maggio

Visualizzazione 2001 - 2100 di 4997 CVE per Maggio 2024 (Pagina 21 di 50)

Torna alla Lista Precedente Successivo

ID CVE	Data	Titolo
CVE-2024-4684	2024-05-09	Campcodes Complete Web-Based School Management System exam_timetable_grade_wise.php cross site scripting
CVE-2022-32504	2024-05-09	An issue was discovered on certain Nuki Home Solutions devices....
CVE-2022-32502	2024-05-09	An issue was discovered on certain Nuki Home Solutions devices....
CVE-2022-32507	2024-05-09	An issue was discovered on certain Nuki Home Solutions devices....
CVE-2022-32503	2024-05-09	An issue was discovered on certain Nuki Home Solutions devices....
CVE-2022-32510	2024-05-09	An issue was discovered on certain Nuki Home Solutions devices....
CVE-2022-32506	2024-05-09	An issue was discovered on certain Nuki Home Solutions devices....
CVE-2022-32508	2024-05-09	An issue was discovered on certain Nuki Home Solutions devices....
CVE-2022-32505	2024-05-09	An issue was discovered on certain Nuki Home Solutions devices....
CVE-2024-4685	2024-05-09	Campcodes Complete Web-Based School Management System exam_timetable.php cross site scripting
CVE-2024-3989	2024-05-09	HT Mega – Absolute Addons For Elementor <= 2.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Justify
CVE-2024-4605	2024-05-09	Breakdance <= 1.7.1 - Authenticated (Contributor+) Remote Code Execution
CVE-2024-3068	2024-05-09	Custom Field Suite <= 2.6.5 - Authenticated (Admin+) Stored Cross-Site Scripting
CVE-2024-4107	2024-05-09	Elementor Website Builder Pro <= 3.21.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
CVE-2024-3954	2024-05-09	Ditty – Responsive News Tickers, Sliders, and Lists <= 3.1.38 - Authenticated (Contributor+) PHP Object Injection
CVE-2024-1693	2024-05-09	SP Project & Document Manager <= 4.70 - Authenticated (Subscriber+) Arbitrary Folder Name Update
CVE-2024-4150	2024-05-09	Simple Basic Contact Form <= 20221201 - Reflected Cross-Site Scripting
CVE-2024-4158	2024-05-09	Blocksy <= 2.0.42 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2023-6327	2024-05-09	ShopLentor (formerly WooLentor) <= 2.8.7 - Missing Authorization via purchased_new_products
CVE-2024-3680	2024-05-09	Enter Addons – Ultimate Template Builder for Elementor <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animation Title widget img tag
CVE-2024-4316	2024-05-09	EmbedPress Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor <= 3.9.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter
CVE-2024-3974	2024-05-09	BuddyPress <= 12.4.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting
CVE-2024-4386	2024-05-09	Gallery Block (Meow Gallery) <= 5.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-3807	2024-05-09	Porto <= 7.1.0 - Authenticated (Contributor+) Local File Inclusion via Post Meta
CVE-2024-1166	2024-05-09	Image Hover Effects - Elementor Addon <= 1.4.1 - Authenticated(Contributor+) DOM-based Stored Cross-Site Scripting via Image Hover Effects Widget
CVE-2024-1229	2024-05-09	SimpleShop <= 2.10.2 - Missing Authorization
CVE-2024-4041	2024-05-09	Yoast SEO <= 22.5 - Reflected Cross-Site Scripting
CVE-2024-3952	2024-05-09	Advanced Ads – Ad Manager & AdSense <= 1.52.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Ad Widget
CVE-2024-4383	2024-05-09	Simple Membership <= 4.4.5 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode
CVE-2024-3916	2024-05-09	Swift Framework <= 2.7.31 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcodes
CVE-2024-4312	2024-05-09	Soccer Engine – Soccer Plugin for WordPress <= 1.12 - Cross-Site Request Forgery
CVE-2024-3722	2024-05-09	Swift Performance Lite <= 2.3.6.18 - Incorrect Authorization to Authenticated (Subscriber+) Settings Modification
CVE-2024-3595	2024-05-09	Pure Chat – Live Chat Plugin & More! <= 2.22 - Authenticated (Subscriber+) Stored Cross-Site Scripting
CVE-2024-3831	2024-05-09	Enter Addons – Ultimate Template Builder for Elementor <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Heading widget
CVE-2024-4446	2024-05-09	Content Views – Post Grid & Filter, Recent Posts, Category Posts, & More (Gutenberg Blocks and Shortcode) <= 3.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via pagingType Parameter
CVE-2024-4314	2024-05-09	hostel <= 1.1.5.3 - Cross-Site Request Forgery
CVE-2024-4339	2024-05-09	Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) <= 3.14.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-4411	2024-05-09	Mihdan: Yandex Turbo Feed <= 1.6.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE-2024-2923	2024-05-09	Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) <= 1.1.37 - Authenticated (Contributor+) Stored Cross-Site Scripting via Text Effect Widget
CVE-2024-3915	2024-05-09	Swift Framework <= 2.7.31 - Missing Authorization to Unauthenticated Arbitrary Content Update
CVE-2024-4441	2024-05-09	XML Sitemap & Google News <= 5.4.8 - Unauthenticated Local File Inclusion
CVE-2024-4103	2024-05-09	ADFO – Custom data in admin dashboard <= 1.9.0 - Cross-Site Request Forgery
CVE-2024-4335	2024-05-09	Rank Math SEO with AI Best SEO Tools <= 1.0.217 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-1230	2024-05-09	SimpleShop <= 2.10.0 - Cross-Site Request Forgery
CVE-2024-3806	2024-05-09	Porto <= 7.1.0 - Unauthenticated Local File Inclusion via porto_ajax_posts
CVE-2024-3990	2024-05-09	HT Mega – Absolute Addons For Elementor <= 2.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Tooltip & Popover Widget
CVE-2024-3923	2024-05-09	Beaver Builder – WordPress Page Builder <= 2.8.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-2846	2024-05-09	Visual Footer Credit Remover <= 1.2 - Authenticated (Admin+) Stored Cross-Site Scripting
CVE-2024-0445	2024-05-09	The Plus Addons for Elementor <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-3070	2024-05-09	Last Viewed Posts by WPBeginner <= 1.0.0 - Unauthenticated PHP Object Injection
CVE-2024-4082	2024-05-09	Joli FAQ SEO – WordPress FAQ Plugin <= 1.3.2 - Cross-Site Request Forgery
CVE-2024-4567	2024-05-09	Themify Shortcodes <= 2.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via themify_button Shortcode
CVE-2024-4193	2024-05-09	Testimonial Slider <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-4463	2024-05-09	Squelch Tabs and Accordions Shortcodes <= 0.4.7 - Cross-Site Request Forgery
CVE-2024-1467	2024-05-09	Starter Templates — Elementor, WordPress & Beaver Builder Templates <= 4.1.6 - Authenticated (Contributor+) Server-Side Request Forgery
CVE-2024-2785	2024-05-09	The Plus Addons for Elementor <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age Gate
CVE-2024-4038	2024-05-09	Back In Stock Notifier for WooCommerce \| WooCommerce Waitlist Pro <= 5.3.1 - Unauthenticated Arbitrary Shortcode Execution
CVE-2024-4104	2024-05-09	ADFO – Custom data in admin dashboard <= 1.9.0 - Reflected Cross-Site Scripting
CVE-2024-4397	2024-05-09	LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Authenticated (Instructor+) Arbitrary File Upload
CVE-2024-3809	2024-05-09	Porto Theme - Functionality <= 3.0.9 - Authenticated (Contributor+) Local File Inclusion via Post Meta
CVE-2024-2290	2024-05-09	Advanced Ads – Ad Manager & AdSense <= 1.52.1 - Authenticated (Admin+) PHP Object Injection
CVE-2024-3808	2024-05-09	Porto Theme - Functionality <= 3.1.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode
CVE-2024-4686	2024-05-09	Campcodes Complete Web-Based School Management System emarks_range_grade_update_form.php cross site scripting
CVE-2024-32985	2024-05-09	Stellar-core's Overlay - security fix for DDoS mitigation
CVE-2024-4687	2024-05-09	Campcodes Complete Web-Based School Management System create_events.php cross site scripting
CVE-2024-4688	2024-05-09	Campcodes Complete Web-Based School Management System conversation_history_admin.php cross site scripting
CVE-2024-0087	2024-05-09	CVE
CVE-2024-0100	2024-05-09	CVE
CVE-2024-0088	2024-05-09	CVE
CVE-2024-0096	2024-05-09	CVE
CVE-2024-0097	2024-05-09	CVE
CVE-2024-0098	2024-05-09	CVE
CVE-2024-4671	2024-05-09	Use after free in Visuals in Google Chrome prior to...
CVE-2024-30802	2024-05-10	An issue in Vehicle Management System 7.31.0.3_20230412 allows an attacker...
CVE-2024-4699	2024-05-10	D-Link DAR-8000-10 importhtml.php deserialization
CVE-2024-4280	2024-05-10	White Label CMS <= 2.7.3 - Missing Authorization to Plugin Settings Reset
CVE-2024-2441	2024-05-10	VikBooking < 1.6.8 - Insecure Direct Object References
CVE-2024-2749	2024-05-10	VikBooking < 1.6.8 - Broken Access Control
CVE-2024-3940	2024-05-10	reCAPTCHA Jetpack <= 0.2.2 - Settings Update via CSRF
CVE-2024-3941	2024-05-10	reCAPTCHA Jetpack <= 0.2.2 - Stored XSS via CSRF
CVE-2024-4481	2024-05-10	Gutenberg Blocks with AI by Kadence WP <= 3.2.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Link
CVE-2024-3828	2024-05-10	Spectra Pro <= 1.1.5 - Authenticated (Author+) Privilege Escalation
CVE-2024-4129	2024-05-10	Authentication bypass in Snow License Manager
CVE-2024-4448	2024-05-10	Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Dual Color Header', 'Event Calendar', & 'Advanced Data Table'
CVE-2024-4449	2024-05-10	Essential Addons for Elementor <= 5.9.19 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via Several Widgets
CVE-2024-2662	2024-05-10	Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Authenticated (Admin+) Command Injection
CVE-2024-4275	2024-05-10	Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Interactive Circles'
CVE-2024-4398	2024-05-10	HTML5 Audio Player- Best WordPress Audio Player Plugin <= 2.2.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
CVE-2024-3547	2024-05-10	Unlimited Elements For Elementor (Free Widgets, Addons, Templates) <= 1.5.102 - Reflected Cross-Site Scripting
CVE-2024-34828	2024-05-10	WordPress Church Admin plugin <= 4.1.32 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2024-34827	2024-05-10	WordPress Translate Multilingual sites – TranslatePress plugin <= 2.7.5 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2024-34825	2024-05-10	WordPress Social Warfare plugin <= 4.4.5.1 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2024-34823	2024-05-10	WordPress Arigato Autoresponder and Newsletter plugin <= 2.7.2.3 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2024-4689	2024-05-10	WordPress ShortPixel Adaptive Images plugin <= 3.8.3 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2024-4434	2024-05-10	LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Unauthenticated Time-Based SQL Injection
CVE-2024-3956	2024-05-10	Pods – Custom Content Types and Fields <= 3.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pod Form Redirect URL
CVE-2024-4444	2024-05-10	LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Unauthenticated Bypass to User Registration
CVE-2024-31113	2024-05-10	WordPress Easy Digital Downloads plugin <= 3.2.11 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2024-34817	2024-05-10	WordPress Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2024-34816	2024-05-10	WordPress WPCal.io plugin <= 0.9.5.8 - Cross Site Request Forgery (CSRF) vulnerability