Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-11	CVE-2024-35208	Insufficiently Protected Credentials vulnerability in Siemens Sinec Traffic Analyzer A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). local low complexity siemens CWE-522	5.5
2024-06-11	CVE-2024-35211	Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Siemens Sinec Traffic Analyzer A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). network low complexity siemens CWE-614	6.5
2024-06-11	CVE-2023-28775	Missing Authorization vulnerability in Yoast SEO Missing Authorization vulnerability in Yoast Yoast SEO Premium.This issue affects Yoast SEO Premium: from n/a through 20.4. network low complexity yoast CWE-862	5.3
2024-06-11	CVE-2023-33922	Missing Authorization vulnerability in Elementor Website Builder Missing Authorization vulnerability in Elementor Elementor Website Builder.This issue affects Elementor Website Builder: from n/a through 3.13.2. network low complexity elementor CWE-862	4.3
2024-06-11	CVE-2023-52186	Missing Authorization vulnerability in WOO Product Vendors Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.2. network low complexity woo CWE-862	5.3
2024-06-11	CVE-2023-52217	Missing Authorization vulnerability in Wedevs Woocommerce Conversion Tracking Missing Authorization vulnerability in weDevs WooCommerce Conversion Tracking.This issue affects WooCommerce Conversion Tracking: from n/a through 2.0.11. network low complexity wedevs CWE-862	6.3
2024-06-11	CVE-2024-24704	Missing Authorization vulnerability in Addonmaster Load More Anything Missing Authorization vulnerability in AddonMaster Load More Anything.This issue affects Load More Anything: from n/a through 3.3.3. network low complexity addonmaster CWE-862	6.3
2024-06-11	CVE-2024-34824	Missing Authorization vulnerability in Themeboy Sportspress Missing Authorization vulnerability in ThemeBoy SportsPress – Sports Club & League Manager.This issue affects SportsPress – Sports Club & League Manager: from n/a through 2.7.20. network low complexity themeboy CWE-862	6.3
2024-06-11	CVE-2024-5584	The WordPress Online Booking and Scheduling Plugin – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Color Profile parameter in all versions up to, and including, 23.2 due to insufficient input sanitization and output escaping. network low complexity	6.4
2024-06-11	CVE-2024-5531	The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Flickr widget in all versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity	6.4

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium