Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-25 | CVE-2024-9302 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Appcheap APP Builder. The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.3.7. | 9.8 |
2024-10-25 | CVE-2024-9607 | Cross-site Scripting vulnerability in 10Web Social Post Feed. The 10Web Social Post Feed plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of `add_query_arg` without appropriate escaping on the URL in all versions up to, and including, 1.2.9. | 6.1 |
2024-10-25 | CVE-2024-9109 | Missing Authorization vulnerability in Octolize Woocommerce UPS Shipping. The WooCommerce UPS Shipping – Live Rates and Access Points plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `delete_oauth_data` function in all versions up to, and including, 2.3.11. | 4.3 |
2024-10-25 | CVE-2024-9488 | Unspecified vulnerability in Gvectors Wpdiscuz. The Comments – wpDiscuz plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.6.24. | 9.8 |
2024-10-25 | CVE-2024-9686 | Missing Authorization vulnerability in Choplugins Order Notification for Telegram. The Order Notification for Telegram plugin for WordPress is vulnerable to unauthorized test message sending due to a missing capability check on the `nktgnfw_send_test_message` function in versions up to, and including, 1.0.1. | 5.3 |
2024-10-25 | CVE-2024-10368 | SQL Injection vulnerability in Codezips Sales Management System 1.0. A vulnerability was found in Codezips Sales Management System 1.0. | 9.8 |
2024-10-25 | CVE-2024-10369 | SQL Injection vulnerability in Codezips Sales Management System 1.0. A vulnerability was found in Codezips Sales Management System 1.0. | 9.8 |
2024-10-25 | CVE-2024-10370 | SQL Injection vulnerability in Codezips Sales Management System 1.0. A vulnerability was found in Codezips Sales Management System 1.0. | 9.8 |
2024-10-25 | CVE-2024-10371 | Classic Buffer Overflow vulnerability in Razormist Payroll Management System 1.0. A vulnerability classified as critical has been found in SourceCodester Payroll Management System 1.0. | 9.8 |
2024-10-25 | CVE-2024-10372 | Insecure Temporary File vulnerability in Chidiwilliams Buzz 1.1.0. A vulnerability classified as problematic was found in chidiwilliams buzz 1.1.0. | 3.6 |