Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-19 | CVE-2024-47089 | Improper Validation of Integrity Check Value vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the transaction token ID in the API endpoint. | 6.5 |
| 2024-09-19 | CVE-2024-47085 | Unspecified vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD DP Back Office due to improper validation of certain parameters (cCdslClicentcode and cLdClientCode) in the API endpoint. | 6.5 |
| 2024-09-19 | CVE-2024-47086 | Unspecified vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of OTP validation mechanism in certain API endpoints. | 6.5 |
| 2024-09-19 | CVE-2022-4533 | Insufficient Verification of Data Authenticity vulnerability in Felixmoira Limit Login Attempts Plus The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1.0. | 5.3 |
| 2024-09-19 | CVE-2024-8364 | Cross-site Scripting vulnerability in Webhammer WP Custom Fields Search The WP Custom Fields Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcfs-preset shortcode in all versions up to, and including, 1.2.35 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-09-19 | CVE-2024-8850 | Cross-site Scripting vulnerability in Ibericode Mailchimp The MC4WP: Mailchimp for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email' parameter when a placeholder such as {email} is used for the field in versions 4.9.9 to 4.9.16 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-09-18 | CVE-2021-27917 | Cross-site Scripting vulnerability in Acquia Mautic Prior to this patch, a stored XSS vulnerability existed in the contact tracking and page hits report. | 5.4 |
| 2024-09-18 | CVE-2024-46372 | Cross-site Scripting vulnerability in Dedecms 5.7.115 DedeCMS 5.7.115 is vulnerable to Cross Site Scripting (XSS) via the advertisement code box in the advertisement management module. | 6.1 |
| 2024-09-18 | CVE-2024-47050 | Cross-site Scripting vulnerability in Acquia Mautic Prior to this patch being applied, Mautic's tracking was vulnerable to Cross-Site Scripting through the Page URL variable. | 6.1 |
| 2024-09-18 | CVE-2024-47058 | Cross-site Scripting vulnerability in Acquia Mautic With access to edit a Mautic form, the attacker can add Cross-Site Scripting stored in the html filed. | 4.8 |