Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-10-05 CVE-2024-9532 Classic Buffer Overflow vulnerability in Dlink Dir-605L Firmware 2.13B01
A vulnerability has been found in D-Link DIR-605L 2.13B01 BETA and classified as critical.
network
low complexity
dlink CWE-120
8.8
2024-10-05 CVE-2024-8743 The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to Limited JavaScript File Upload in all versions up to, and including, 6.5.7.
network
high complexity
CWE-434
6.8
2024-10-05 CVE-2024-9528 The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form label fields in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output escaping.
network
high complexity
CWE-79
4.9
2024-10-05 CVE-2024-47841 Path Traversal vulnerability in Wikimedia Wikimedia-Extensions-Css
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Path Traversal. This issue affects Mediawiki - CSS Extension: from 1.42.X before 1.42.2, from 1.41.X before 1.41.3, from 1.39.X before 1.39.9.
network
low complexity
wikimedia CWE-22
7.5
2024-10-05 CVE-2024-9455 The WP Cleanup and Basic Functions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.4
2024-10-05 CVE-2024-47840 Cross-site Scripting vulnerability in Wikimedia Apex
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - Apex skin allows Stored XSS. This issue affects Mediawiki - Apex skin: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2.
network
low complexity
wikimedia CWE-79
4.8
2024-10-05 CVE-2024-47845 Improper Encoding or Escaping of Output vulnerability in Wikimedia Wikimedia-Extensions-Css
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection. This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2.
network
low complexity
wikimedia CWE-116
8.2
2024-10-05 CVE-2024-47846 Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki Cargo 3.6.0
Cross-Site Request Forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows Cross Site Request Forgery. This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1.
network
low complexity
mediawiki CWE-352
8.8
2024-10-05 CVE-2024-47847 Cross-site Scripting vulnerability in Mediawiki Cargo 3.6.0
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows Cross-Site Scripting (XSS). This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1.
network
low complexity
mediawiki CWE-79
6.1
2024-10-05 CVE-2024-47849 SQL Injection vulnerability in Mediawiki Cargo 3.6.0
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows SQL Injection. This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1.
network
low complexity
mediawiki CWE-89
critical
9.8