Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-05-04 CVE-2023-7065 The Stop Spammers Security | Block Spam Users, Comments, Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2024.4.
network
low complexity
 5.4
5.4
2024-05-04 CVE-2024-1050 The Import and export users and customers plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_force_reset_password_delete_metas() function in all versions up to, and including, 1.26.5.
network
low complexity
 4.3
4.3
2024-05-04 CVE-2024-3237 The ConvertPlug plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the cp_dismiss_notice() function in all versions up to, and including, 3.5.25.
network
low complexity
 5.4
5.4
2024-05-04 CVE-2024-3240 The ConvertPlug plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.25 via deserialization of untrusted input from the 'settings_encoded' attribute of the 'smile_info_bar' shortcode.
network
low complexity
 8.8
8.8
2024-05-04 CVE-2024-3868 The Folders Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's First Name and Last Name in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping.
network
low complexity
 5.4
5.4
2024-05-03 CVE-2024-3479 An improper export vulnerability was reported in the Motorola Enterprise MotoDpms Provider (com.motorola.server.enterprise.MotoDpmsProvider) that could allow a local attacker to read local data.
local
low complexity
 2.8
2.8
2024-05-03 CVE-2024-3480 An Implicit intent vulnerability was reported in the Motorola framework that could allow an attacker to read telephony-related data.
local
low complexity
 2.8
2.8
2024-05-03 CVE-2023-41816 An improper export vulnerability was reported in the Motorola Services Main application that could allow a local attacker to write to a local database. 
local
low complexity
 5.0
5.0
2024-05-03 CVE-2023-41817 An improper export vulnerability was reported in the Motorola Phone Calls application that could allow a local attacker to read unauthorized information.
local
low complexity
 2.8
2.8
2024-05-03 CVE-2023-41818 An improper use of the SD card for sensitive data vulnerability was reported in the Motorola Device Help application that could allow a local attacker to read system logs. 
local
low complexity
 5.0
5.0