Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-18 | CVE-2023-6055 | Improper Certificate Validation vulnerability in Bitdefender Total Security A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. | 7.4 |
| 2024-10-18 | CVE-2023-6056 | Improper Certificate Validation vulnerability in Bitdefender Total Security A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. | 7.4 |
| 2024-10-18 | CVE-2023-6057 | Unspecified vulnerability in Bitdefender Total Security A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of certificates issued using the DSA signature algorithm. | 7.4 |
| 2024-10-18 | CVE-2023-6058 | Improper Certificate Validation vulnerability in Bitdefender Total Security A vulnerability has been identified in Bitdefender Safepay's handling of HTTPS connections. | 6.8 |
| 2024-10-18 | CVE-2024-10055 | Cross-site Scripting vulnerability in Ninjateam Click to Chat The Click to Chat – WP Support All-in-One Floating Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpsaio_snapchat shortcode in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-10-18 | CVE-2024-10078 | Missing Authorization vulnerability in Newsignature WP Easy Post Types The WP Easy Post Types plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 1.4.4. | 5.4 |
| 2024-10-18 | CVE-2024-10079 | Deserialization of Untrusted Data vulnerability in Newsignature WP Easy Post Types The WP Easy Post Types plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.4.4 via deserialization of untrusted input from the 'text' parameter in the 'ajax_import_content' function. | 8.8 |
| 2024-10-18 | CVE-2024-10080 | Cross-site Scripting vulnerability in Newsignature WP Easy Post Types The WP Easy Post Types plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post meta in versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-10-18 | CVE-2024-9206 | Cross-site Scripting vulnerability in Madrasthemes MAS Companies for WP JOB Manager The MAS Companies For WP Job Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.0.13. | 6.1 |
| 2024-10-18 | CVE-2024-9703 | Cross-site Scripting vulnerability in Tychesoftwares Arconix Shortcodes The Arconix Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'button' shortcode in all versions up to, and including, 2.1.12 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |