Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-06-11 | CVE-2024-35208 | Insufficiently Protected Credentials vulnerability in Siemens Sinec Traffic Analyzer A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). | 5.5 |
2024-06-11 | CVE-2024-35211 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Siemens Sinec Traffic Analyzer A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions < V1.2). | 6.5 |
2024-06-11 | CVE-2023-28775 | Missing Authorization vulnerability in Yoast SEO Missing Authorization vulnerability in Yoast Yoast SEO Premium.This issue affects Yoast SEO Premium: from n/a through 20.4. | 5.3 |
2024-06-11 | CVE-2023-33922 | Missing Authorization vulnerability in Elementor Website Builder Missing Authorization vulnerability in Elementor Elementor Website Builder.This issue affects Elementor Website Builder: from n/a through 3.13.2. | 4.3 |
2024-06-11 | CVE-2023-52186 | Missing Authorization vulnerability in WOO Product Vendors Missing Authorization vulnerability in Woo WooCommerce Product Vendors.This issue affects WooCommerce Product Vendors: from n/a through 2.2.2. | 5.3 |
2024-06-11 | CVE-2023-52217 | Missing Authorization vulnerability in Wedevs Woocommerce Conversion Tracking Missing Authorization vulnerability in weDevs WooCommerce Conversion Tracking.This issue affects WooCommerce Conversion Tracking: from n/a through 2.0.11. | 6.3 |
2024-06-11 | CVE-2024-24704 | Missing Authorization vulnerability in Addonmaster Load More Anything Missing Authorization vulnerability in AddonMaster Load More Anything.This issue affects Load More Anything: from n/a through 3.3.3. | 6.3 |
2024-06-11 | CVE-2024-34824 | Missing Authorization vulnerability in Themeboy Sportspress Missing Authorization vulnerability in ThemeBoy SportsPress – Sports Club & League Manager.This issue affects SportsPress – Sports Club & League Manager: from n/a through 2.7.20. | 6.3 |
2024-06-11 | CVE-2024-5584 | The WordPress Online Booking and Scheduling Plugin – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Color Profile parameter in all versions up to, and including, 23.2 due to insufficient input sanitization and output escaping. network low complexity | 6.4 |
2024-06-11 | CVE-2024-5531 | The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Flickr widget in all versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity | 6.4 |