CVE ID : CVE-2024-12819 Published : Jan. 9, 2025, 11:15 a.m. | 32 minutes ago Description : The Searchie plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘sio_embed_media’ shortcode in all versions up to, and including, 1.17.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it […]
CVE ID : CVE-2024-6155 Published : Jan. 9, 2025, 11:15 a.m. | 32 minutes ago Description : The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Authenticated (Subscriber+) Server-Side Request Forgery and Stored Cross Site Scripting in all versions up to, and including, 9.0.0 due to a missing capability check in […]
CVE ID : CVE-2024-12621 Published : Jan. 9, 2025, 11:15 a.m. | 32 minutes ago Description : The Yumpu E-Paper publishing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘YUMPU’ shortcode in all versions up to, and including, 3.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This […]
CVE ID : CVE-2024-12618 Published : Jan. 9, 2025, 11:15 a.m. | 32 minutes ago Description : The Newsletter2Go plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘resetStyles’ AJAX action in all versions up to, and including, 4.0.14. This makes it possible for authenticated attackers, with […]
CVE ID : CVE-2024-12616 Published : Jan. 9, 2025, 11:15 a.m. | 32 minutes ago Description : The Bitly’s WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions in all versions up to, and including, 2.7.3. This makes it possible for authenticated attackers, […]
CVE ID : CVE-2024-12605 Published : Jan. 9, 2025, 11:15 a.m. | 32 minutes ago Description : The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3. This […]
CVE ID : CVE-2024-12542 Published : Jan. 9, 2025, 11:15 a.m. | 32 minutes ago Description : The linkID plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check when including the ‘phpinfo’ function in all versions up to, and including, 0.1.2. This makes it possible for unauthenticated attackers to […]
CVE ID : CVE-2024-12496 Published : Jan. 9, 2025, 11:15 a.m. | 32 minutes ago Description : The Linear plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘linear_block_buy_commissions’ shortcode in all versions up to, and including, 2.7.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it […]
CVE ID : CVE-2024-12491 Published : Jan. 9, 2025, 11:15 a.m. | 32 minutes ago Description : The SimplyRETS Real Estate IDX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘sr_search_form’ shortcode in all versions up to, and including, 2.11.2 due to insufficient input sanitization and output escaping on user supplied attributes. […]
CVE ID : CVE-2024-12515 Published : Jan. 9, 2025, 11:15 a.m. | 32 minutes ago Description : The Muslim Prayer Time-Salah/Iqamah plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Masjid ID parameter in all versions up to, and including, 1.8.8 due to insufficient input sanitization and output escaping. This makes it possible for […]
Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN
Company Registration Number: 5334133
Company VAT Number: 855 7246 95
