Lista CVE - 2024 / Giugno

Visualizzazione 601 - 700 di 3082 CVE per Giugno 2024 (Pagina 7 di 31)

Torna alla Lista Precedente Successivo

ID CVE	Data	Titolo
CVE-2024-5640	2024-06-07	Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) <= 3.14.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pacific Widget
CVE-2024-4902	2024-06-07	Tutor LMS – eLearning and online course solution <= 2.7.1 -Authenticated (Administrator+) SQL Injection
CVE-2024-4042	2024-06-07	Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel - Combo Blocks <= 2.2.80 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attribute
CVE-2024-4354	2024-06-07	TablePress – Tables in WordPress made easy <= 2.3 - Authenticated (Author+) Server-Side Request Forgery via DNS Rebind
CVE-2023-6491	2024-06-07	Strong Testimonials <= 3.1.12 - Authenticated(Contributor+) Improper Authorization to Views Modification
CVE-2024-3592	2024-06-07	Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress <= 9.0.1 - Authenticated (Contributor+) SQL Injection
CVE-2024-3288	2024-06-07	Logo Slider < 4.0.0 - Contributor+ Stored XSS
CVE-2024-4620	2024-06-07	ArForms < 6.6 - Unauthenticated RCE
CVE-2024-4621	2024-06-07	ArForms < 6.6 - Admin+ Stored XSS
CVE-2024-4756	2024-06-07	WP Backpack <= 2.1 - Admin+ Stored XSS
CVE-2024-5003	2024-06-07	WP Stacker <= 1.8.5 - Stored XSS via CSRF
CVE-2024-4451	2024-06-07	Colibri Page Builder <= 1.0.276 - Authenticated (Contributor+) Stored Cross-Site Scripting via colibri_video_player Shortcode
CVE-2024-4489	2024-06-07	Royal Elementor Addons and Templates <= 1.3.976 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Uploads
CVE-2024-4488	2024-06-07	Royal Elementor Addons and Templates <= 1.3.976 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-4703	2024-06-07	One Page Express Companion <= 1.6.37 - Authenticated (Contributor+) Stored Cross-Site Scripting via one_page_express_contact_form Shortcode
CVE-2024-5426	2024-06-07	Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.23 - Authenticated (Contributor+) Stored Cross-Site Scripting via Zipped SVG
CVE-2023-5424	2024-06-07	WS Form LITE <= 1.9.217 - Unauthenticated CSV Injection
CVE-2024-5481	2024-06-07	Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.23 - Authenticated (Contributor+) Path Traversal via esc_dir Function
CVE-2024-5645	2024-06-07	Envo Extra <= 1.8.23 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Widget
CVE-2024-5732	2024-06-07	Clash Proxy Port improper authentication
CVE-2024-5637	2024-06-07	Market Exporter <= 2.0.19 - Missing Authorization to Arbitrary File Deletion
CVE-2024-4610	2024-06-07	Mali GPU Kernel Driver allows improper GPU memory processing operations
CVE-2024-5733	2024-06-07	itsourcecode Online Discussion Forum register_me.php sql injection
CVE-2024-5734	2024-06-07	itsourcecode Online Discussion Forum poster.php unrestricted upload
CVE-2024-5438	2024-06-07	Tutor LMS – eLearning and online course solution <= 2.7.1 - Authenticated (Instructor+) Insecure Direct Object Reference to Arbitrary Quiz Attempt Deletion
CVE-2024-5542	2024-06-07	Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.1 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via Navigation Menu Widget
CVE-2024-5599	2024-06-07	FileOrganizer <= 1.0.7 - Sensitive Information Exposure via Directory Listing
CVE-2024-5382	2024-06-07	Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor <= 2.0.6.1 - Missing Authorization to MA Template Creation or Modification
CVE-2024-36673	2024-06-07	Sourcecodester Pharmacy/Medical Store Point of Sale System 1.0 is vulnerable...
CVE-2024-31878	2024-06-07	IBM i information disclosure
CVE-2024-37160	2024-06-07	Formwork has a Cross-site scripting (XSS) vulnerability in Description metadata
CVE-2024-36792	2024-06-07	An issue in the implementation of the WPS in Netgear...
CVE-2024-36787	2024-06-07	An issue in Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 allows attackers to...
CVE-2024-37162	2024-06-07	zsa Generates Error Messages Containing Sensitive Information
CVE-2024-36789	2024-06-07	An issue in Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 allows attackers to create...
CVE-2024-36790	2024-06-07	Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1 was discovered to store credentials in plaintext.
CVE-2024-36788	2024-06-07	Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 does not properly set the HTTPOnly...
CVE-2024-36773	2024-06-07	A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows...
CVE-2024-32503	2024-06-07	An issue was discovered in Samsung Mobile Processor and Wearable...
CVE-2024-37163	2024-06-07	SkyScrape Secure API Requests
CVE-2024-5745	2024-06-07	itsourcecode Bakery Online Ordering System unrestricted upload
CVE-2024-1694	2024-06-07	Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google...
CVE-2023-7261	2024-06-07	Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google...
CVE-2024-0444	2024-06-07	GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2024-37408	2024-06-08	fprintd through 1.94.3 lacks a security attention mechanism, and thus...
CVE-2024-37407	2024-06-08	Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP...
CVE-2024-5663	2024-06-08	Cards for Beaver Builder <= 1.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Cards Widget
CVE-2024-3668	2024-06-08	PowerPack Pro for Elementor <= 2.10.17 - Authenticated (Contributor+) Privilege Escalation
CVE-2024-5770	2024-06-08	WP Force SSL & HTTPS SSL Redirect <= 1.66 - Missing Authorization to Settings Update
CVE-2024-4661	2024-06-08	WP Reset <= 2.02 - Missing Authorization to License Key Modification
CVE-2024-5638	2024-06-08	Formula <= 0.5.1 - Reflected Cross-Site Scripting via ti_customizer_notify_dismiss_recommended_plugins
CVE-2024-5087	2024-06-08	Minimal Coming Soon – Coming Soon Page <= 2.38 - Missing Authorization to Limited Settings Change
CVE-2024-5613	2024-06-08	Formula <= 0.5.1 - Reflected Cross-Site Scripting via quality_customizer_notify_dismiss_action
CVE-2024-5091	2024-06-08	SKT Addons for Elementor <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Age Gate and Creative Slider Widgets
CVE-2024-4468	2024-06-08	Salon booking system <= 9.9 - Missing Authorization
CVE-2024-5654	2024-06-08	CF7 Google Sheets Connector <= 5.0.9 - Missing Authorization to Limited Site Configuration Update
CVE-2024-35756	2024-06-08	WordPress Tooltip CK plugin <= 2.2.15 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35755	2024-06-08	WordPress Weather Widget Pro plugin <= 1.1.40 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35753	2024-06-08	WordPress TemplatesNext OnePager plugin <= 1.3.3 - Cross Site Scripting (XSS) vulnerability
CVE-2024-5766	2024-06-08	Likeshop Merchandise admin cross site scripting
CVE-2024-35752	2024-06-08	WordPress Stellissimo Text Box plugin 1.1.4 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35751	2024-06-08	WordPress Woody code snippets plugin <= 2.4.10 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35750	2024-06-08	WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - SQL Injection vulnerability
CVE-2024-35740	2024-06-08	WordPress Pixgraphy theme <= 1.3.8 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35739	2024-06-08	WordPress The Post Grid plugin <= 7.7.1 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35738	2024-06-08	WordPress Kognetiks Chatbot for WordPress plugin <= 1.9.8 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35737	2024-06-08	WordPress WP Visitors Tracker plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2024-35736	2024-06-08	WordPress Visualizer plugin <= 3.11.1 - SQL Injection vulnerability
CVE-2024-35734	2024-06-08	WordPress WP Time Slots Booking Form plugin <= 1.2.10 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35733	2024-06-08	WordPress Auto Coupons for WooCommerce plugin <= 3.0.14 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2024-35732	2024-06-08	WordPress YITH Custom Login plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability
CVE-2024-36965	2024-06-08	remoteproc: mediatek: Make sure IPI buffer fits in L2TCM
CVE-2024-36966	2024-06-08	erofs: reliably distinguish block based and fscache mode
CVE-2024-36967	2024-06-08	KEYS: trusted: Fix memory leak in tpm2_key_encode()
CVE-2024-36968	2024-06-08	Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init()
CVE-2024-36969	2024-06-08	drm/amd/display: Fix division by zero in setup_dsc_config
CVE-2024-35731	2024-06-08	WordPress Kenta Gutenberg Blocks plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35730	2024-06-08	WordPress Active Products Tables for WooCommerce plugin <= 1.0.6.3 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2024-36970	2024-06-08	wifi: iwlwifi: Use request_module_nowait
CVE-2024-35719	2024-06-08	WordPress RestroPress plugin <= 3.1.2.1 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35718	2024-06-08	WordPress Newsletters plugin <= 4.9.5 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2024-35715	2024-06-08	WordPress Bloglo and Blogvi themes affected by Cross Site Scripting (XSS) vulnerability
CVE-2024-35714	2024-06-08	WordPress Idyllic theme <= 1.1.8 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35713	2024-06-08	WordPress Testimonial Carousel For Elementor plugin <= 10.1.1 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35711	2024-06-08	WordPress Event theme <= 1.2.2 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35710	2024-06-08	WordPress Podlove Web Player plugin <= 5.7.3 - Sensitive Data Exposure vulnerability
CVE-2024-35709	2024-06-08	WordPress The Plus Addons for Elementor plugin <= 5.5.4 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35708	2024-06-08	WordPress Rife Free theme <= 2.4.19 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35707	2024-06-08	WordPress Heateor Social Login WordPress plugin <= 1.1.32 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35706	2024-06-08	WordPress Heateor Social Login WordPress plugin <= 1.1.32 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35705	2024-06-08	WordPress Block for Font Awesome plugin <= 1.4.4 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35704	2024-06-08	WordPress BlockArt Blocks plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35703	2024-06-08	WordPress Sina Extension for Elementor plugin <= 3.5.3 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35702	2024-06-08	WordPress Master Addons for Elementor plugin <= 2.0.6.0 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35701	2024-06-08	WordPress PropertyHive plugin <= 2.0.13 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35699	2024-06-08	WordPress HT Feed plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35698	2024-06-08	WordPress YITH WooCommerce Tab Manager plugin <= 1.35.0 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35697	2024-06-08	WordPress Eduma theme <= 5.4.7 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2024-35696	2024-06-08	WordPress WP Docs plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability
CVE-2024-35695	2024-06-08	WordPress WP Docs plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability