Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-12-21 CVE-2024-12721 The Custom Product Tabs For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.4 via deserialization of untrusted input from the 'wb_custom_tabs' parameter.
network
low complexity
CWE-502
7.2
7.2
2024-12-21 CVE-2024-12771 The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.3.43.
network
low complexity
CWE-352
8.8
8.8
2024-12-21 CVE-2024-11977 The The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.4.10.
network
low complexity
CWE-94
7.3
7.3
2024-12-21 CVE-2024-11349 The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.6.
network
low complexity
CWE-288
critical
 9.8
9.8
2024-12-21 CVE-2024-12846 Cross-site Scripting vulnerability in Emlog
A vulnerability, which was classified as problematic, has been found in Emlog Pro up to 2.4.1.
network
low complexity
emlog CWE-79
4.8
4.8
2024-12-20 CVE-2024-11811 The Feedify – Web Push Notifications plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'platform', 'phone', 'email', and 'store_url' parameters.
network
low complexity
CWE-79
6.1
6.1
2024-12-20 CVE-2024-12845 Cross-site Scripting vulnerability in Emlog
A vulnerability classified as problematic was found in Emlog Pro up to 2.4.1.
network
low complexity
emlog CWE-79
6.1
6.1
2024-12-20 CVE-2024-12843 Cross-site Scripting vulnerability in Emlog
A vulnerability was found in Emlog Pro up to 2.4.1.
network
low complexity
emlog CWE-79
6.1
6.1
2024-12-20 CVE-2024-12844 Cross-site Scripting vulnerability in Emlog
A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.1.
network
low complexity
emlog CWE-79
6.1
6.1
2024-12-20 CVE-2024-12841 Cross-site Scripting vulnerability in Emlog
A vulnerability was found in Emlog Pro up to 2.4.1.
network
low complexity
emlog CWE-79
6.1
6.1