Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-12-12 CVE-2024-12260 The Ultimate Endpoints With Rest Api plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 2.2.2 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.1
6.1
2024-12-12 CVE-2024-12338 The Website Toolbox Community plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘websitetoolbox_username’ parameter in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.1
6.1
2024-12-12 CVE-2024-12341 The Custom Skins Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'cf7cs_action_callback' function in all versions up to, and including, 1.0.
network
low complexity
CWE-862
4.3
4.3
2024-12-12 CVE-2024-12461 The WP-Revive Adserver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wprevive_async' shortcode in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2024-12-12 CVE-2024-12492 SQL Injection vulnerability in Anisha Farmacia 1.0
A vulnerability was found in code-projects Farmacia 1.0.
network
low complexity
anisha CWE-89
8.8
8.8
2024-12-12 CVE-2024-12497 SQL Injection vulnerability in 1000Projects Attendance Tracking Management System 1.0
A vulnerability classified as critical has been found in 1000 Projects Attendance Tracking Management System 1.0.
network
low complexity
1000projects CWE-89
critical
 9.8
9.8
2024-12-12 CVE-2024-12503 Cross-site Scripting vulnerability in Classcms 4.8
A vulnerability classified as problematic was found in ClassCMS 4.8.
network
low complexity
classcms CWE-79
4.8
4.8
2024-12-12 CVE-2024-12536 Cross-site Scripting vulnerability in Mayurik Advocate Office Management System 1.0
A vulnerability, which was classified as problematic, has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0.
network
low complexity
mayurik CWE-79
5.4
5.4
2024-12-12 CVE-2024-44200 Unspecified vulnerability in Apple Ipados
This issue was addressed with improved redaction of sensitive information.
local
low complexity
apple
3.3
3.3
2024-12-12 CVE-2024-44201 Unspecified vulnerability in Apple Iphone OS
The issue was addressed with improved memory handling.
local
low complexity
apple
5.5
5.5