Vulnerabilities

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-04	CVE-2024-47651	Unspecified vulnerability in Shilpi Client Dashboard This vulnerability exists in Shilpi Client Dashboard due to improper handling of multiple parameters in the API endpoint. network low complexity shilpi	6.5
2024-10-04	CVE-2024-6400	Cleartext Storage of Sensitive Information vulnerability in Finrota Cleartext Storage of Sensitive Information vulnerability in Finrota Netahsilat allows Retrieve Embedded Sensitive Data.This issue solved in versions 1.21.10, 1.23.01, 1.23.08, 1.23.11 and 1.24.03. network low complexity finrota CWE-312	7.5
2024-10-04	CVE-2024-9071	Cross-site Scripting vulnerability in Sigmadevs Easy Demo Importer The Easy Demo Importer – A Modern One-Click Demo Import Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. network low complexity sigmadevs CWE-79	5.4
2024-10-04	CVE-2024-9271	Cross-site Scripting vulnerability in Remilia Re:Wp The Re:WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. network low complexity remilia CWE-79	5.4
2024-10-04	CVE-2024-6444	Out-of-bounds Write vulnerability in Zephyrproject Zephyr 3.2.01 No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c. low complexity zephyrproject CWE-787	6.5
2024-10-04	CVE-2024-9306	Cross-site Scripting vulnerability in Wpbookingcalendar WP Booking Calendar The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 10.6 due to insufficient input sanitization and output escaping. network low complexity wpbookingcalendar CWE-79	4.8
2024-10-04	CVE-2024-9435	Cross-site Scripting vulnerability in Plainware Shiftcontroller The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL keys in all versions up to, and including, 4.9.66 due to insufficient input sanitization and output escaping. network low complexity plainware CWE-79	6.1
2024-10-04	CVE-2024-47854	Cross-site Scripting vulnerability in Veritas Data Insight An XSS vulnerability was discovered in Veritas Data Insight before 7.1. network low complexity veritas CWE-79	6.1
2024-10-04	CVE-2024-6442	Out-of-bounds Write vulnerability in Zephyrproject Zephyr 3.2.01 In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecked tailroom could lead to a global buffer overflow. low complexity zephyrproject CWE-787	6.5
2024-10-04	CVE-2024-6443	Out-of-bounds Write vulnerability in Zephyrproject Zephyr 3.2.01 In utf8_trunc in zephyr/lib/utils/utf8.c, last_byte_p can point to one byte before the string pointer if the string is empty. low complexity zephyrproject CWE-787	6.5

Vulnerabilities {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities"}]}

Vulnerabilities