Vulnerabilities

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-31	CVE-2024-9165	The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.4.4 due to insufficient input sanitization and output escaping. network low complexity CWE-79	6.4
2024-10-31	CVE-2024-9430	The Get Quote For Woocommerce – Request A Quote For Woocommerce plugin for WordPress is vulnerable to unauthorized access of Quote data due to a missing capability check on the ct_tepfw_wp_loaded function in all versions up to, and including, 1.0.0. network low complexity CWE-306	5.3
2024-10-31	CVE-2024-9434	The WPGlobus Translate Options plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.0. network low complexity	6.1
2024-10-31	CVE-2024-9446	The WP Simple Anchors Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpanchor shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity CWE-79	6.4
2024-10-31	CVE-2024-10392	The AI Power: Complete AI Pack plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_image_upload' function in all versions up to, and including, 1.8.89. network low complexity CWE-434 critical	9.8
2024-10-31	CVE-2024-9708	Cross-site Scripting vulnerability in Delowerhossain Easy SVG Upload The Easy SVG Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. network low complexity delowerhossain CWE-79	5.4
2024-10-31	CVE-2024-10544	The Woo Manage Fraud Orders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.1.7 through publicly exposed log files. network low complexity CWE-532	5.3
2024-10-31	CVE-2024-10559	Classic Buffer Overflow vulnerability in Razormist Airport Booking Management System 1.0 A vulnerability was found in SourceCodester Airport Booking Management System 1.0 and classified as critical. local low complexity razormist CWE-120	7.8
2024-10-31	CVE-2024-10561	SQL Injection vulnerability in Codezips PET Shop Management System 1.0 A vulnerability was found in Codezips Pet Shop Management System 1.0. network low complexity codezips CWE-89 critical	9.8
2024-10-31	CVE-2024-10556	SQL Injection vulnerability in Codezips PET Shop Management System 1.0 A vulnerability, which was classified as critical, was found in Codezips Pet Shop Management System 1.0. network low complexity codezips CWE-89 critical	9.8

Vulnerabilities {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities"}]}

Vulnerabilities