Vulnerabilities

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-04	CVE-2024-9368	Cross-site Scripting vulnerability in Miguelmello Aggregator Advanced Settings The Aggregator Advanced Settings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. network low complexity miguelmello CWE-79	5.4
2024-10-04	CVE-2024-9372	Cross-site Scripting vulnerability in Wpblockshub WP Blocks HUB The WP Blocks Hub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. network low complexity wpblockshub CWE-79	5.4
2024-10-04	CVE-2024-9375	Cross-site Scripting vulnerability in Techbanker Captcha Bank The WordPress Captcha Plugin by Captcha Bank plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 4.0.36. network low complexity techbanker CWE-79	6.1
2024-10-04	CVE-2024-9384	Cross-site Scripting vulnerability in Wpfactory Quantity Dynamic Pricing & Bulk Discounts for Woocommerce The Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.8.0. network low complexity wpfactory CWE-79	6.1
2024-10-04	CVE-2024-9421	Cross-site Scripting vulnerability in Prontotools Login Logout Shortcode The Login Logout Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. network low complexity prontotools CWE-79	5.4
2024-10-04	CVE-2024-9445	Cross-site Scripting vulnerability in Acekyd Display Medium Posts The Display Medium Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's display_medium_posts shortcode in all versions up to, and including, 5.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity acekyd CWE-79	5.4
2024-10-04	CVE-2024-44204	Unspecified vulnerability in Apple Iphone OS A logic issue was addressed with improved validation. local low complexity apple	5.5
2024-10-04	CVE-2024-44207	Unspecified vulnerability in Apple Iphone OS This issue was addressed with improved checks. network low complexity apple	4.3
2024-10-03	CVE-2024-42417	SQL Injection vulnerability in Deltaww Diaenergie Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script Handler_CFG.ashx. network low complexity deltaww CWE-89	8.8
2024-10-03	CVE-2024-43699	SQL Injection vulnerability in Deltaww Diaenergie Delta Electronics DIAEnergie is vulnerable to an SQL injection in the script AM_RegReport.aspx. network low complexity deltaww CWE-89 critical	9.8

Vulnerabilities {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities"}]}

Vulnerabilities