CVE-2024-12328 – Elementor MAS WordPress Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2024-12328 Published : Jan. 8, 2025, 9:15 a.m. | 26 minutes ago Description : The MAS Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, […]
CVE-2024-11939 – WordPress Cost Calculator Builder PRO SQL Blind Time-Based Injection
CVE ID : CVE-2024-11939 Published : Jan. 8, 2025, 9:15 a.m. | 26 minutes ago Description : The Cost Calculator Builder PRO plugin for WordPress is vulnerable to blind time-based SQL Injection via the ‘data’ parameter in all versions up to, and including, 3.2.15 due to insufficient escaping on the user supplied parameter and lack of […]
CVE-2024-11350 – AdForest WordPress Privilege Escalation Vulnerability
CVE ID : CVE-2024-11350 Published : Jan. 8, 2025, 9:15 a.m. | 26 minutes ago Description : The AdForest theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.1.6. This is due to the plugin not properly validating a user’s identity prior to updating their password through […]
CISA reports active exploitation of old critical vulnerability in Oracle WebLogic Server
Attackers are actively exploiting an old critical vulnerability in Oracle WebLogic Server, or have done so, according to the Cybersecurity and Infrastructure Security Agency (CISA) of the American … Published Date: Jan 08, 2025 (1 hour, 16 minutes ago) Vulnerabilities has been […]
CVE-2024-12045 – WordPress Gutenberg – Stored Cross-Site Scripting in Google Maps Block
CVE ID : CVE-2024-12045 Published : Jan. 8, 2025, 8:15 a.m. | 33 minutes ago Description : The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the maker title value of the Google Maps block in all versions up to, and including, 5.0.9 due […]
CVE-2024-13173 – HP Health Module URL Loading Information Leak
The following table lists the changes that have been made to the CVE-2024-13173 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 08, 2025 Action […]
CVE-2024-11635 – Acunil WordPress File Upload Remote Code Execution Vulnerability
CVE ID : CVE-2024-11635 Published : Jan. 8, 2025, 8:15 a.m. | 33 minutes ago Description : The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.12 via the ‘wfu_ABSPATH’ cookie parameter. This makes it possible for unauthenticated attackers to execute code on the server. […]
CVE-2025-22215 – VMware Aria Automation SSRF Vulnerability
CVE ID : CVE-2025-22215 Published : Jan. 8, 2025, 7:15 a.m. | 33 minutes ago Description : VMware Aria Automation contains a server-side request forgery (SSRF) vulnerability. A malicious actor with “Organization Member” access to Aria Automation may exploit this vulnerability to enumerate internal services running on the host/network. Severity: 4.3 | MEDIUM Visit the link for more […]
CVE-2024-9673 – Piotnet Addons For Elementor Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2024-9673 Published : Jan. 8, 2025, 7:15 a.m. | 33 minutes ago Description : The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s Heading widget in all versions up to, and including, 2.4.31 due to insufficient input sanitization and output escaping on user supplied attributes. […]
CVE-2024-8002 – VIWIS LMS Cross-Site Scripting Vulnerability
The following table lists the changes that have been made to the CVE-2024-8002 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 08, 2025 Action […]