CVE-2024-13832 – Elementor Ultra Addons Lite WordPress Information Exposure
CVE ID : CVE-2024-13832 Published : Feb. 28, 2025, 9:15 a.m. | 59 minutes ago Description : The Ultra Addons Lite for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.8 via the ‘ut_elementor’ shortcode due to insufficient restrictions on which posts can be included. This makes it […]
CVE-2024-9019 – SecuPress Free WordPress Stored Cross-Site Scripting
CVE ID : CVE-2024-9019 Published : Feb. 28, 2025, 9:15 a.m. | 59 minutes ago Description : The SecuPress Free — WordPress Security plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s secupress_check_ban_ips_form shortcode in all versions up to, and including, 2.2.5.3 due to insufficient input sanitization and output escaping on user supplied […]
CVE-2024-13851 – WordPress Modal Portfolio Stored Cross-Site Scripting
CVE ID : CVE-2024-13851 Published : Feb. 28, 2025, 9:15 a.m. | 59 minutes ago Description : The Modal Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.7.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and […]
CVE-2024-9193 – WHMpress WHMCS WordPress Integration Plugin Local File Inclusion Vulnerability
The WHMpress – WHMCS WordPress Integration Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 6.3-revision-0 via the whmpress_domain_search_ajax_extended_results() function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This […]
CVE-2024-8425 – WooCommerce Ultimate Gift Card Remote File Upload Vulnerability
New CVE Received by [email protected] Feb. 28, 2025 Action […]
CVE-2024-8420 – WordPress DHVC Form Plugin Privilege Escalation Vulnerability
New CVE Received by [email protected] Feb. 28, 2025 Action […]
CVE-2024-13831 – WooCommerce Tabs for WordPress PHP Object Injection Vulnerability
CVE ID : CVE-2024-13831 Published : Feb. 28, 2025, 9:15 a.m. | 59 minutes ago Description : The Tabs for WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input in the ‘product_has_custom_tabs’ function. This makes it possible for authenticated attackers, with Shop […]
CVE-2024-13716 – WordPress Forex Calculators Plugin Unauthorized Data Modification Vulnerability
CVE ID : CVE-2024-13716 Published : Feb. 28, 2025, 9:15 a.m. | 59 minutes ago Description : The Forex Calculators plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_settings_callback() function in all versions up to, and including, 1.3.5. This makes it possible for authenticated attackers, with […]
CVE-2024-13638 – WooCommerce Order Attachments Sensitive Information Exposure
CVE ID : CVE-2024-13638 Published : Feb. 28, 2025, 9:15 a.m. | 59 minutes ago Description : The Order Attachments for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.5.1 via the ‘uploads’ directory. This makes it possible for unauthenticated attackers to extract sensitive data stored insecurely […]
CVE-2024-13469 – WordPress PickPlugins Pricing Table Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2024-13469 Published : Feb. 28, 2025, 9:15 a.m. | 59 minutes ago Description : The Pricing Table by PickPlugins plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button Link in all versions up to, and including, 1.12.10 due to insufficient input sanitization and output escaping. This makes it possible for […]