CVE-2024-12419 – “WordPress CF7 WOW Styler Arbitrary Shortcode Execution & XSS Vulnerability”
CVE ID: CVE-2024-12419 Published: Jan. 7, 2025, 4:15 a.m. Description: The Design for Contact Form 7 Style WordPress Plugin – CF7 WOW Styler plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.7.0. This is due to the software allowing users […]
CVE-2024-12416 – “WordPress Woomotiv Woocommerce SQL Injection”
CVE ID: CVE-2024-12416 Published: Jan. 7, 2025, 4:15 a.m. Description: The Live Sales Notification for Woocommerce – Woomotiv plugin for WordPress is vulnerable to SQL Injection via the ‘woomotiv_seen_products_.*’ cookie in all versions up to, and including, 3.6.1 due to insufficient escaping on the user supplied parameter and lack […]
CVE-2024-12402 – WooCommerce Themes Coder – WordPress Plugin Privilege Escalation
CVE ID: CVE-2024-12402 Published: Jan. 7, 2025, 4:15 a.m. Description: The Themes Coder – Create Android & iOS Apps For Your Woocommerce Site plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.3.4. This is due to the plugin not […]
CVE-2024-12098 – WordPress ARS Affiliate Page Plugin Reflected Cross-Site Scripting
CVE ID: CVE-2024-12098 Published: Jan. 7, 2025, 4:15 a.m. Description: The ARS Affiliate Page Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘utm_keyword’ parameter in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for […]
CVE-2024-11899 – “WordPress Slider Pro Lite Stored XSS”
CVE ID: CVE-2024-11899 Published: Jan. 7, 2025, 4:15 a.m. Description: The Slider Pro Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘sliderpro’ shortcode in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This […]
CVE-2024-11777 – WordPress Sell Media Plugin Stored Cross-Site Scripting Vulnerability
CVE ID: CVE-2024-11777 Published: Jan. 7, 2025, 4:15 a.m. Description: The Sell Media plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘sell_media_search_form_gutenberg’ shortcode in all versions up to, and including, 2.5.8.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes […]
CVE-2024-11437 – “WordPress Timeline Designer Plugin SQL Injection Vulnerability”
CVE ID: CVE-2024-11437 Published: Jan. 7, 2025, 4:15 a.m. Description: The Timeline Designer plugin for WordPress is vulnerable to SQL Injection via the ‘s’ parameter in all versions up to, and including, 1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the […]
CVE-2025-22395 – Dell Update Package Framework Local Privilege Escalation Vulnerability
The following table lists the changes that have been made to the CVE-2025-22395 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 07, 2025 Action […]
CVE-2024-51741 and CVE-2024-46981: Redis Flaws Expose Millions to DoS and RCE Risks
Two vulnerabilities have been discovered in Redis, the popular in-memory database, leaving millions of users at risk. CVE-2024-51741 allows attackers to trigger a denial-of-service (DoS) attack, while … Published Date: Jan 07, 2025. Vulnerabilities have been mentioned in […]
CVE-2024-43096 and More: Critical RCE Flaws Patched in Android Security Update
The Android Security Bulletin for January 2025 highlights critical security vulnerabilities affecting millions of Android devices globally. With the 2025-01-05 security patch level, Google has address … Published Date: Jan 07, 2025. Vulnerabilities have been mentioned in this article.