Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-19 | CVE-2024-45770 | A vulnerability was found in Performance Co-Pilot (PCP). | 4.4 |
| 2024-09-19 | CVE-2024-47087 | Unspecified vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD Geo due to improper validation of the certain parameters (Client ID, DPID or BOID) in the API endpoint. | 6.5 |
| 2024-09-19 | CVE-2024-47088 | Improper Restriction of Excessive Authentication Attempts vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive failed authentication attempts on its API based login. | 9.8 |
| 2024-09-19 | CVE-2024-47089 | Improper Validation of Integrity Check Value vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the transaction token ID in the API endpoint. | 6.5 |
| 2024-09-19 | CVE-2024-47085 | Unspecified vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD DP Back Office due to improper validation of certain parameters (cCdslClicentcode and cLdClientCode) in the API endpoint. | 6.5 |
| 2024-09-19 | CVE-2024-47086 | Unspecified vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of OTP validation mechanism in certain API endpoints. | 6.5 |
| 2024-09-19 | CVE-2022-4533 | Insufficient Verification of Data Authenticity vulnerability in Felixmoira Limit Login Attempts Plus The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1.0. | 5.3 |
| 2024-09-19 | CVE-2024-8364 | Cross-site Scripting vulnerability in Webhammer WP Custom Fields Search The WP Custom Fields Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcfs-preset shortcode in all versions up to, and including, 1.2.35 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-09-19 | CVE-2024-8850 | Cross-site Scripting vulnerability in Ibericode Mailchimp The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email' parameter when a placeholder such as {email} is used for the field in versions 4.9.9 to 4.9.16 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-09-18 | CVE-2021-27917 | Cross-site Scripting vulnerability in Acquia Mautic Prior to this patch, a stored XSS vulnerability existed in the contact tracking and page hits report. | 5.4 |