CVE ID : CVE-2024-10957 Published : Jan. 4, 2025, 2:15 p.m. | 44 minutes ago Description : The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.24.11 via deserialization of untrusted input in the ‘recursive_unserialized_replace’ function. This makes it possible for unauthenticated […]
The following table lists the changes that have been made to the CVE-2025-0207 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 04, 2025 Action […]
The following table lists the changes that have been made to the CVE-2025-0208 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 04, 2025 Action […]
The following table lists the changes that have been made to the CVE-2025-0206 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 04, 2025 Action […]
CVE ID : CVE-2024-12475 Published : Jan. 4, 2025, 12:15 p.m. | 42 minutes ago Description : The WP Multi Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level […]
CVE ID : CVE-2024-12279 Published : Jan. 4, 2025, 12:15 p.m. | 42 minutes ago Description : The WP Social AutoConnect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated […]
CVE ID : CVE-2024-12195 Published : Jan. 4, 2025, 12:15 p.m. | 42 minutes ago Description : The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to SQL Injection via the ‘project_id’ parameter of the /wp-json/pm/v2/projects/2/task-lists REST API endpoint in all versions up […]
CVE ID : CVE-2024-12221 Published : Jan. 4, 2025, 10:15 a.m. | 21 minutes ago Description : The Turnkey bbPress by WeaverTheme plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘_wpnonce’ parameter in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for […]
The following table lists the changes that have been made to the CVE-2025-0205 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 04, 2025 Action […]
CVE ID : CVE-2024-12583 Published : Jan. 4, 2025, 9:15 a.m. | 29 minutes ago Description : The Dynamics 365 Integration plugin for WordPress is vulnerable to Remote Code Execution and Arbitrary File Read in all versions up to, and including, 1.3.23 via Twig Server-Side Template Injection. This is due to missing input validation and sanitization […]
Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN
Company Registration Number: 5334133
Company VAT Number: 855 7246 95
