Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-14	CVE-2024-5465	Unspecified vulnerability in Huawei Emui and Harmonyos Function vulnerabilities in the Calendar module Impact: Successful exploitation of this vulnerability will affect availability. local low complexity huawei	5.5
2024-06-14	CVE-2024-5994	The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Custom JS option in versions up to, and including, 9.0.38. network low complexity	6.4
2024-06-14	CVE-2023-51377	Missing Authorization vulnerability in Wpeverest Everest Forms Missing Authorization vulnerability in WPEverest Everest Forms.This issue affects Everest Forms: from n/a through 2.0.3. network low complexity wpeverest CWE-862	5.3
2024-06-14	CVE-2023-51495	Missing Authorization vulnerability in Woocommerce Returns and Warranty Requests Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7. network low complexity woocommerce CWE-862	6.5
2024-06-14	CVE-2023-51496	Missing Authorization vulnerability in Woocommerce Returns and Warranty Requests Missing Authorization vulnerability in Woo WooCommerce Warranty Requests.This issue affects WooCommerce Warranty Requests: from n/a through 2.2.7. network low complexity woocommerce CWE-862	5.3
2024-06-14	CVE-2023-51497	Missing Authorization vulnerability in Woocommerce Shipping multiple Addresses Missing Authorization vulnerability in Woo WooCommerce Ship to Multiple Addresses.This issue affects WooCommerce Ship to Multiple Addresses: from n/a through 3.8.9. network low complexity woocommerce CWE-862	5.4
2024-06-14	CVE-2024-1295	Unspecified vulnerability in TRI the Events Calendar The events-calendar-pro WordPress plugin before 6.4.0.1, The Events Calendar WordPress plugin before 6.4.0.1 does not prevent users with at least the contributor role from leaking details about events they shouldn't have access to. network low complexity tri	6.5
2024-06-14	CVE-2024-23504	Missing Authorization vulnerability in Wpmanageninja Ninja Tables Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.5. network low complexity wpmanageninja CWE-862	5.3
2024-06-14	CVE-2024-2122	Cross-site Scripting vulnerability in Fooplugins Foogallery The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via album gallery custom URLs in all versions up to, and including, 2.4.15 due to insufficient input sanitization and output escaping. network low complexity fooplugins CWE-79	5.4
2024-06-14	CVE-2024-3966	Cross-site Scripting vulnerability in Projectcaruso Pray for ME 1.0.4 The Pray For Me WordPress plugin through 1.0.4 does not sanitise and escape some parameters, which could unauthenticated visitors to perform Cross-Site Scripting attacks that trigger when an admin visits the Prayer Requests in the WP Admin network low complexity projectcaruso CWE-79	6.1

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium