Vulnerabilities

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-06	CVE-2024-6861	A disclosure of sensitive information flaw was found in foreman via the GraphQL API. network low complexity CWE-200	7.5
2024-11-06	CVE-2020-11859	Cross-site Scripting vulnerability in Microfocus Imanager Improper Input Validation vulnerability in OpenText iManager allows Cross-Site Scripting (XSS). This issue affects iManager before 3.2.3 network low complexity microfocus CWE-79	5.4
2024-11-06	CVE-2024-10914	Unspecified vulnerability in Dlink products A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. network low complexity dlink critical	9.8
2024-11-06	CVE-2024-10915	OS Command Injection vulnerability in Dlink products A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. network low complexity dlink CWE-78 critical	9.8
2024-11-06	CVE-2024-10186	Cross-site Scripting vulnerability in Avecnous Event Post The Event post plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's events_cal shortcode in all versions up to, and including, 5.9.6 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity avecnous CWE-79	5.4
2024-11-06	CVE-2024-10168	Cross-site Scripting vulnerability in Pluginus Woot The Active Products Tables for WooCommerce. network low complexity pluginus CWE-79	5.4
2024-11-06	CVE-2024-8323	Cross-site Scripting vulnerability in Fatcatapps Easy Pricing Tables The Pricing Tables WordPress Plugin – Easy Pricing Tables plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘fontFamily’ attribute in all versions up to, and including, 3.2.6 due to insufficient input sanitization and output escaping. network low complexity fatcatapps CWE-79	5.4
2024-11-06	CVE-2024-10715	Cross-site Scripting vulnerability in Mappresspro Mappress The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Map block in all versions up to, and including, 2.94.1 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity mappresspro CWE-79	5.4
2024-11-06	CVE-2024-8614	Unrestricted Upload of File with Dangerous Type vulnerability in Eyecix Jobsearch WP JOB Board The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jobsearch_wp_handle_upload() function in all versions up to, and including, 2.6.7. network low complexity eyecix CWE-434	8.8
2024-11-06	CVE-2024-8615	Unrestricted Upload of File with Dangerous Type vulnerability in Eyecix Jobsearch WP JOB Board The JobSearch WP Job Board plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the jobsearch_location_load_excel_file_callback() function in all versions up to, and including, 2.6.7. network low complexity eyecix CWE-434 critical	9.8

Vulnerabilities {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities"}]}

Vulnerabilities