Vulnerabilities

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-28 | CVE-2024-23967 | Out-of-bounds Write vulnerability in Autel Maxicharger AC Elite Business C50 Firmware 1.32.00. Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability. | low complexity, autel CWE-787, 8.0 |
| 2024-09-28 | CVE-2024-9295 | SQL Injection vulnerability in Mayurik Advocate Office Management System 1.0. A vulnerability was found in SourceCodester Advocate Office Management System 1.0 and classified as critical. | network, low complexity, mayurik CWE-89, critical, 9.8 |
| 2024-09-28 | CVE-2024-23938 | Out-of-bounds Write vulnerability in Silabs Gecko OS 1.0.46. Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability. | low complexity, silabs CWE-787, 8.8 |
| 2024-09-28 | CVE-2024-23957 | Out-of-bounds Write vulnerability in Autel Maxicharger AC Elite Business C50 Firmware 1.32.00. Autel MaxiCharger AC Elite Business C50 DLB_HostHeartBeat Stack-based Buffer Overflow Remote Code Execution Vulnerability. | low complexity, autel CWE-787, 8.8 |
| 2024-09-28 | CVE-2024-8715 | Cross-site Scripting vulnerability in Objectiv Simple Ldap Login. The Simple LDAP Login plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. | network, low complexity, objectiv CWE-79, 6.1 |
| 2024-09-28 | CVE-2024-8353 | Deserialization of Untrusted Data vulnerability in Givewp. The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.1 via deserialization of untrusted input via several parameters like 'give_title' and 'card_address'. | network, low complexity, givewp CWE-502, critical, 9.8 |
| 2024-09-28 | CVE-2024-8547 | Cross-site Scripting vulnerability in Garrettgrimm Simple Popup Plugin 4.5. The Simple Popup Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [popup] shortcode in all versions up to, and including, 4.5 due to insufficient input sanitization and output escaping on user supplied attributes. | network, low complexity, garrettgrimm CWE-79, 5.4 |
| 2024-09-28 | CVE-2024-8788 | Cross-site Scripting vulnerability in Wpfactory Eu/Uk VAT Manager for Woocommerce. The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.12.11. | network, low complexity, wpfactory CWE-79, 6.1 |
| 2024-09-28 | CVE-2024-9023 | Cross-site Scripting vulnerability in Axton Wp-Webauthn. The WP-WebAuthn plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wwa_login_form shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. | network, low complexity, axton CWE-79, 5.4 |
| 2024-09-28 | CVE-2024-9189 | Missing Authorization vulnerability in Wpfactory Eu/Uk VAT Manager for Woocommerce. The EU/UK VAT Manager for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the alg_wc_eu_vat_exempt_vat_from_admin() function in all versions up to, and including, 2.12.12. | network, low complexity, wpfactory CWE-862, 5.3 |