Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-18 | CVE-2024-49239 | Cross-site Scripting vulnerability in Nikhilvaghela ADD Categories Post Footer Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nikhil Vaghela Add Categories Post Footer allows Reflected XSS.This issue affects Add Categories Post Footer: from n/a through 2.2.2. | 6.1 |
| 2024-10-18 | CVE-2024-49240 | Cross-site Scripting vulnerability in Agustinberasategui AB Categories Search Widget Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Agustin Berasategui AB Categories Search Widget allows Reflected XSS.This issue affects AB Categories Search Widget: from n/a through 0.2.5. | 6.1 |
| 2024-10-18 | CVE-2024-49241 | Cross-site Scripting vulnerability in Tadywalsh Tito Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tady Walsh Tito allows DOM-Based XSS.This issue affects Tito: from n/a through 2.3. | 5.4 |
| 2024-10-18 | CVE-2024-49243 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Jonvincentmendoza Dynamic Elementor Addons Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Jon Vincent Mendoza Dynamic Elementor Addons allows PHP Local File Inclusion.This issue affects Dynamic Elementor Addons: from n/a through 1.0.0. | 8.8 |
| 2024-10-18 | CVE-2024-9425 | Cross-site Scripting vulnerability in Sajjadhsagor Advanced Category and Custom Taxonomy Image The Advanced Category and Custom Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ad_tax_image shortcode in all versions up to, and including, 1.0.9 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-10-18 | CVE-2023-49570 | Improper Certificate Validation vulnerability in Bitdefender Total Security A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates. | 7.4 |
| 2024-10-18 | CVE-2024-47485 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Hikvision Hikcentral Master There is a CSV injection vulnerability in some HikCentral Master Lite versions. | 9.8 |
| 2024-10-18 | CVE-2024-47486 | Cross-site Scripting vulnerability in Hikvision Hikcentral Master There is an XSS vulnerability in some HikCentral Master Lite versions. | 6.1 |
| 2024-10-18 | CVE-2024-47487 | SQL Injection vulnerability in Hikvision Hikcentral Professional 2.0.0/2.5.1 There is a SQL injection vulnerability in some HikCentral Professional versions. | 8.8 |
| 2024-10-18 | CVE-2024-4739 | Unspecified vulnerability in Moxa Mxsecurity 1.0/1.0.1/1.1.0 The lack of access restriction to a resource from unauthorized users makes MXsecurity software versions v1.1.0 and prior vulnerable. | 7.5 |