Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-12 | CVE-2023-51679 | Missing Authorization vulnerability in Bulkgate SMS Plugin for Woocommerce 3.0.2 Missing Authorization vulnerability in BulkGate BulkGate SMS Plugin for WooCommerce.This issue affects BulkGate SMS Plugin for WooCommerce: from n/a through 3.0.2. | 5.4 |
| 2024-06-12 | CVE-2023-51680 | Missing Authorization vulnerability in Technovama Quotes for Woocommerce Missing Authorization vulnerability in TechnoVama Quotes for WooCommerce.This issue affects Quotes for WooCommerce: from n/a through 2.0.1. | 6.3 |
| 2024-06-12 | CVE-2023-52117 | Missing Authorization vulnerability in Metagauss Profilegrid Missing Authorization vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid: from n/a through 5.6.6. | 6.3 |
| 2024-06-12 | CVE-2023-52177 | Missing Authorization vulnerability in Softlab Integrate Google Drive Missing Authorization vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.3. | 6.3 |
| 2024-06-12 | CVE-2024-5266 | Cross-site Scripting vulnerability in Wpdownloadmanager Download Manager The Download Manager Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via wpdm_user_dashboard, wpdm_package, wpdm_packages, wpdm_search_result, and wpdm_tag shortcodes in all versions up to, and including, 3.2.92 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-06-12 | CVE-2024-5742 | Link Following vulnerability in multiple products A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. | 6.7 |
| 2024-06-12 | CVE-2024-3925 | The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Creative Button widget in all versions up to, and including, 5.6.7 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity | 6.4 |
| 2024-06-12 | CVE-2024-0160 | Incorrect Authorization vulnerability in Dell products Dell Client Platform contains an incorrect authorization vulnerability. | 6.8 |
| 2024-06-12 | CVE-2024-28970 | Out-of-bounds Write vulnerability in Dell products Dell Client BIOS contains an Out-of-bounds Write vulnerability. | 4.4 |
| 2024-06-12 | CVE-2024-5892 | The Divi Torque Lite – Divi Theme and Extra Theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘support_unfiltered_files_upload’ function in all versions up to, and including, 3.6.6 due to insufficient input sanitization and output escaping. network low complexity | 6.4 |