CVE-2024-13849 – WordPress Cookie Notice Bar Stored Cross-Site Scripting Vulnerability
CVE ID: CVE-2024-13849
Published: Feb. 20, 2025, 10:15 a.m.
Description: The Cookie Notice Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, […]
CVE-2024-13802 – Bandsintown Events Stored Cross-Site Scripting (XSS)
CVE ID: CVE-2024-13802
Published: Feb. 20, 2025, 10:15 a.m.
Description: The Bandsintown Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘bandsintown_events’ shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes […]
CVE-2024-13792 – WooCommerce Food – Restaurant Menu & Food Ordering Shortcode Injection Vulnerability
CVE ID: CVE-2024-13792
Published: Feb. 20, 2025, 10:15 a.m.
Description: The WooCommerce Food – Restaurant Menu & Food ordering plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.3.2. This is due to the software allowing users to execute an action that […]
CVE-2024-13789 – WordPress Ravpage Plugin PHP Object Injection Vulnerability
CVE ID: CVE-2024-13789
Published: Feb. 20, 2025, 10:15 a.m.
Description: The ravpage plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.31 via deserialization of untrusted input from the ‘paramsv2’ parameter. This makes it possible for unauthenticated attackers to inject a PHP […]
CVE-2024-13476 – GlobalTranz WordPress LTL Freight Quotes SQL Injection
CVE ID: CVE-2024-13476
Published: Feb. 20, 2025, 10:15 a.m.
Description: The LTL Freight Quotes – GlobalTranz Edition plugin for WordPress is vulnerable to SQL Injection via the ‘engtz_wd_save_dropship’ AJAX endpoint in all versions up to, and including, 2.3.11 due to insufficient escaping on the user supplied parameter and lack […]
CVE-2024-13753 – WordPress Ultimate Classified Listings CSRF
CVE ID: CVE-2024-13753
Published: Feb. 20, 2025, 10:15 a.m.
Description: The Ultimate Classified Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the update_profile function. This makes it possible for […]
CVE-2024-13748 – WordPress Ultimate Classified Listings Stored Cross-Site Scripting
CVE ID: CVE-2024-13748
Published: Feb. 20, 2025, 10:15 a.m.
Description: The Ultimate Classified Listings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Title parameter in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated […]
CVE-2024-13520 – WooCommerce Gift Cards Unauthenticated Data Modification Vulnerability
CVE ID: CVE-2024-13520
Published: Feb. 20, 2025, 10:15 a.m.
Description: The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the ‘update_voucher_price’, ‘update_voucher_date’, ‘update_voucher_note’ functions in all versions up to, and […]
CVE-2024-12284: NetScaler Users Urged to Update Against Critical Flaw
Cloud Software Group released critical security updates to address a high-severity vulnerability in the NetScaler Console and NetScaler Console Agent, identified as CVE-2024-12284. This vulnerability …
Published Date: Feb 20, 2025
Vulnerabilities mentioned in this article: CVE-2024-12284
Microsoft Power Pages 0-Day Vulnerability Exploited in the Wild
Microsoft has confirmed active exploitation of a critical elevation-of-privilege vulnerability (CVE-2025-24989) in its Power Pages platform, a low-code tool organizations use to build business website …
Published Date: Feb 20, 2025