2024-07-31 | CVE-2024-6208 | The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpdm_all_packages' shortcode in all versions up to, and including, 3.2.97 due to insufficient input sanitization and output escaping on the 'cols' parameter. | 6.4 |
2024-07-31 | CVE-2024-7321 | Cross-site Scripting vulnerability in Adonesevangelista Online Blood Bank Management System 1.0 A vulnerability classified as problematic was found in itsourcecode Online Blood Bank Management System 1.0. | 6.1 |
2024-07-31 | CVE-2024-6725 | The Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘html’ parameter in all versions up to, and including, 6.11.1 due to insufficient input sanitization and output escaping. | 4.9 |
2024-07-31 | CVE-2024-7135 | The Tainacan plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_file' function in all versions up to, and including, 0.21.7. | 6.5 |
2024-07-31 | CVE-2024-7309 | Cross-site Scripting vulnerability in Jkev Record Management System 1.0 A vulnerability was found in SourceCodester Record Management System 1.0. | 5.4 |
2024-07-31 | CVE-2024-7310 | Cross-site Scripting vulnerability in Jkev Record Management System 1.0 A vulnerability was found in SourceCodester Record Management System 1.0. | 6.1 |
2024-07-31 | CVE-2024-2508 | The WP Mobile Menu plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_menu_item_icon function in all versions up to, and including, 2.8.4.4. | 5.3 |
2024-07-31 | CVE-2024-7264 | Out-of-bounds Read vulnerability in Haxx Libcurl libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. | 6.5 |
2024-07-31 | CVE-2024-7303 | Cross-site Scripting vulnerability in Adonesevangelista Online Blood Bank Management System 1.0 A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. | 5.4 |
2024-07-31 | CVE-2024-39945 | Unspecified vulnerability in Dahuasecurity products A vulnerability has been found in Dahua products. After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash. | 4.9 |