Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-06 | CVE-2024-10020 | Unspecified vulnerability in Heateor Social Login The Heateor Social Login WordPress plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.1.35. | 8.1 |
| 2024-11-06 | CVE-2024-10535 | Missing Authorization vulnerability in Martinvalchev Video Gallery for Woocommerce The Video Gallery for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the remove_unused_thumbnails() function in all versions up to, and including, 1.31. | 5.3 |
| 2024-11-06 | CVE-2024-10543 | Missing Authorization vulnerability in Tumult Hype Animations The Tumult Hype Animations plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the hypeanimations_getcontent function in all versions up to, and including, 1.9.14. | 4.3 |
| 2024-11-06 | CVE-2024-6626 | Missing Authorization vulnerability in Theinnovs Eleforms The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on several functions in all versions up to, and including, 2.9.9.9. | 5.3 |
| 2024-11-06 | CVE-2024-9307 | Unrestricted Upload of File with Dangerous Type vulnerability in Themelooks Mfolio The mFolio Lite plugin for WordPress is vulnerable to file uploads due to a missing capability check in all versions up to, and including, 1.2.1. | 8.8 |
| 2024-11-06 | CVE-2024-9946 | Unspecified vulnerability in Heateor Super Socializer The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.13.68. | 8.1 |
| 2024-11-06 | CVE-2024-34673 | Unspecified vulnerability in Samsung Android 12.0/13.0/14.0 Improper Input Validation in IpcProtocol in Modem prior to SMR Nov-2024 Release 1 allows local attackers to cause Denial-of-Service. | 5.5 |
| 2024-11-06 | CVE-2024-34674 | Unspecified vulnerability in Samsung Android 12.0/13.0/14.0 Improper access control in Contacts prior to SMR Nov-2024 Release 1 allows physical attackers to access data across multiple user profiles. low complexity samsung | 4.6 |
| 2024-11-06 | CVE-2024-34675 | Unspecified vulnerability in Samsung Android 14.0 Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to temporarily access to unlocked screen. low complexity samsung | 4.6 |
| 2024-11-06 | CVE-2024-34676 | Out-of-bounds Write vulnerability in Samsung Android 12.0/13.0/14.0 Out-of-bounds write in parsing subtitle file in libsubextractor.so prior to SMR Nov-2024 Release 1 allows local attackers to cause memory corruption. | 7.3 |