Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-05-08 CVE-2024-4135 The WP Latest Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.7.
network
low complexity
 5.4
5.4
2024-05-08 CVE-2024-4281 The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'link-library' shortcode in all versions up to, and including, 7.6.11 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
 6.4
6.4
2024-05-08 CVE-2024-3494 The Mesmerize Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mesmerize_contact_form' shortcode in all versions up to, and including, 1.6.148 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
 6.4
6.4
2024-05-08 CVE-2024-4393 The Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2.
network
low complexity
critical
 9.8
9.8
2024-05-07 CVE-2023-6810 The ClickCease Click Fraud Protection plugin for WordPress is vulnerable to unauthorized access of data due to an improper capability check on the get_settings function in all versions up to, and including, 3.2.4.
network
low complexity
 4.3
4.3
2024-05-07 CVE-2024-4346 The Startklar Elementor Addons plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.7.13.
network
low complexity
critical
 9.1
9.1
2024-05-07 CVE-2024-4186 The Build App Online plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.0.5.
network
low complexity
critical
 9.8
9.8
2024-05-06 CVE-2023-33119 Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.
local
low complexity
 8.4
8.4
2024-05-06 CVE-2023-43521 Memory corruption when multiple listeners are being registered with the same file descriptor.
local
low complexity
 6.7
6.7
2024-05-06 CVE-2023-43524 Memory corruption when the bandpass filter order received from AHAL is not within the expected range.
local
low complexity
 6.7
6.7