Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-05 | CVE-2024-10263 | Code Injection vulnerability in Tickera The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.5.4.4. | 7.3 |
| 2024-11-05 | CVE-2024-10840 | Cross-site Scripting vulnerability in Romadebrian Web-Sekolah 1.0 A vulnerability classified as problematic has been found in romadebrian WEB-Sekolah 1.0. | 4.8 |
| 2024-11-05 | CVE-2024-51529 | Unspecified vulnerability in Huawei Emui and Harmonyos Data verification vulnerability in the battery module Impact: Successful exploitation of this vulnerability may affect function stability. | 5.5 |
| 2024-11-05 | CVE-2024-51530 | Unspecified vulnerability in Huawei Emui and Harmonyos LaunchAnywhere vulnerability in the account module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | 5.5 |
| 2024-11-05 | CVE-2024-9657 | Cross-site Scripting vulnerability in Bdthemes Element Pack The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip' parameter in all versions up to, and including, 5.10.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-11-05 | CVE-2024-9867 | Cross-site Scripting vulnerability in Bdthemes Element Pack The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Open Map Widget' marker_content parameter in all versions up to, and including, 5.10.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-11-05 | CVE-2024-10319 | Unspecified vulnerability in Wpxpro Xpro Addons for Elementor The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the render function in widgets/content-toggle/layout/frontend.php. | 4.3 |
| 2024-11-05 | CVE-2024-9178 | Cross-site Scripting vulnerability in Xplodedthemes XT Floating Cart for Woocommerce The XT Floating Cart for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-11-05 | CVE-2024-51517 | Improper Validation of Array Index vulnerability in Huawei Harmonyos 5.0.0 Vulnerability of improper memory access in the phone service module Impact: Successful exploitation of this vulnerability may affect availability. | 5.5 |
| 2024-11-05 | CVE-2024-51518 | Unspecified vulnerability in Huawei Harmonyos 5.0.0 Vulnerability of message types not being verified in the advanced messaging modul Impact: Successful exploitation of this vulnerability may affect availability. | 7.5 |