Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-02 | CVE-2024-8254 | Code Injection vulnerability in Icegram Email Subscribers & Newsletters The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.7.34. | 6.3 |
| 2024-10-02 | CVE-2024-7855 | The WP Hotel Booking plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_review() function in all versions up to, and including, 2.1.2. | 8.8 |
| 2024-10-01 | CVE-2024-47523 | Cross-site Scripting vulnerability in Librenms LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. | 5.4 |
| 2024-10-01 | CVE-2024-47524 | Cross-site Scripting vulnerability in Librenms LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. | 4.8 |
| 2024-10-01 | CVE-2024-47525 | Cross-site Scripting vulnerability in Librenms LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. | 5.4 |
| 2024-10-01 | CVE-2024-47526 | Unspecified vulnerability in Librenms LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. | 2.4 |
| 2024-10-01 | CVE-2024-47527 | Cross-site Scripting vulnerability in Librenms LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. | 5.4 |
| 2024-10-01 | CVE-2024-47528 | Unspecified vulnerability in Librenms LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. | 4.8 |
| 2024-10-01 | CVE-2024-45999 | SQL Injection vulnerability in Magicbug Cloudlog A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the get_station_info()function located in the file /application/models/Oqrs_model.php. | 9.8 |
| 2024-10-01 | CVE-2024-31835 | Cross-site Scripting vulnerability in Flatpress Cross Site Scripting vulnerability in flatpress CMS Flatpress v1.3 allows a remote attacker to execute arbitrary code via a crafted payload to the file name parameter. | 4.8 |