CVE-2024-13094 – WordPress Triggers Lite Reflected Cross-Site Scripting
CVE ID: CVE-2024-13094 Published: Jan. 27, 2025, 6:15 a.m. Description: The WP Triggers Lite WordPress plugin through 2.5.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as […]
CVE-2024-13057 – Dyn Business Panel Stored XSS CSRF
CVE ID: CVE-2024-13057 Published: Jan. 27, 2025, 6:15 a.m. Description: The Dyn Business Panel WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via […]
CVE-2024-13056 – Dyn Business Panel WordPress Plugin Stored XSS Vulnerability
CVE ID: CVE-2024-13056 Published: Jan. 27, 2025, 6:15 a.m. Description: The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as […]
CVE-2024-13055 – Dyn Business Panel WordPress Reflected Cross-Site Scripting
CVE ID: CVE-2024-13055 Published: Jan. 27, 2025, 6:15 a.m. Description: The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as […]
CVE-2024-13052 – WordPress Dental Optimizer Patient Generator App Reflected Cross-Site Scripting Vulnerability
CVE ID: CVE-2024-13052 Published: Jan. 27, 2025, 6:15 a.m. Description: The Dental Optimizer Patient Generator App WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users […]
CVE-2024-12773 – Altra Side Menu WordPress SQL Injection Vulnerability
CVE ID: CVE-2024-12773 Published: Jan. 27, 2025, 6:15 a.m. Description: The Altra Side Menu WordPress plugin through 2.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks Severity: 0.0 | NA Visit the link for more […]
CVE-2024-12321 – WC Affiliate Reflected Cross-Site Scripting Vulnerability
CVE ID: CVE-2024-12321 Published: Jan. 27, 2025, 6:15 a.m. Description: The WC Affiliate WordPress plugin through 2.3.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. […]
CVE-2024-12280 – WordPress Customer Area CSRF Delete Log
CVE ID: CVE-2024-12280 Published: Jan. 27, 2025, 6:15 a.m. Description: The WP Customer Area WordPress plugin through 8.2.4 does not have CSRF check in place when deleting its logs, which could allow attackers to make a logged in to delete them via a CSRF attack Severity: 0.0 | […]
Strutted Walkthrough — HackTheBox
Introduction: In this write-up, we’ll go through a medium Linux machine where we first gain an initial foothold by exploiting the Apache Struts 2 CVE, followed by leveraging a misconfigured sudo permiss … Published Date: Jan 27, 2025
CVE-2024-28771 – IBM Security Directory Integrator/Leave Me Alone: Insecure Cookie Transmission
The following table lists the changes that have been made to the CVE-2024-28771 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 27, 2025 Action […]