CVE ID : CVE-2024-12104 Published : Jan. 21, 2025, 10:15 a.m. | 26 minutes ago Description : The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpf_delete_file and wpf_delete_file functions in all versions up to, and including, […]
The following table lists the changes that have been made to the CVE-2024-6466 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 21, 2025 Action […]
CVE ID : CVE-2024-12005 Published : Jan. 21, 2025, 10:15 a.m. | 26 minutes ago Description : The WP-BibTeX plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.1. This is due to missing or incorrect nonce validation on the wp_bibtex_option_page() function. This makes it possible for unauthenticated attackers […]
Beveiligingslek in 7-Zip laat aanvaller Mark-of-the-Web omzeilen Een kwetsbaarheid in de populaire archiveringssoftware 7-Zip maakt het mogelijk voor aanvallers om het Mark-of-the-Web te omzeilen, wat kan leiden tot het uitvoeren van willekeurige code op het systee … Read more Published Date: Jan 21, 2025 (2 hours, 7 minutes ago) Vulnerabilities has been mentioned in this article.
CVE ID : CVE-2025-0371 Published : Jan. 21, 2025, 9:15 a.m. | 26 minutes ago Description : The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 2.7.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for […]
CVE ID : CVE-2024-10936 Published : Jan. 21, 2025, 9:15 a.m. | 26 minutes ago Description : The String locator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.6.6 via deserialization of untrusted input in the ‘recursive_unserialize_replace’ function. This makes it possible for unauthenticated attackers to inject a […]
The following table lists the changes that have been made to the CVE-2025-23086 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 21, 2025 Action […]
CVE ID : CVE-2024-13536 Published : Jan. 21, 2025, 5:15 a.m. | 27 minutes ago Description : The 1003 Mortgage Application plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.87. This is due the /inc/class/fnm/export.php file being publicly accessible with error logging enabled. This makes it possible for […]
The following table lists the changes that have been made to the CVE-2024-45091 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 21, 2025 Action […]
Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN
Company Registration Number: 5334133
Company VAT Number: 855 7246 95
