Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-10 | CVE-2024-27792 | Unspecified vulnerability in Apple Macos This issue was addressed by adding an additional prompt for user consent. | 5.5 |
| 2024-06-10 | CVE-2024-36413 | Cross-site Scripting vulnerability in Salesagility Suitecrm SuiteCRM is an open-source Customer Relationship Management (CRM) software application. | 5.4 |
| 2024-06-10 | CVE-2024-36414 | Server-Side Request Forgery (SSRF) vulnerability in Salesagility Suitecrm SuiteCRM is an open-source Customer Relationship Management (CRM) software application. | 6.5 |
| 2024-06-10 | CVE-2024-31612 | Cross-Site Request Forgery (CSRF) vulnerability in Emlog 2.3.0 Emlog pro2.3 is vulnerable to Cross Site Request Forgery (CSRF) via twitter.php which can be used with a XSS vulnerability to access administrator information. | 6.5 |
| 2024-06-10 | CVE-2024-35728 | Injection vulnerability in Themeisle Product Addons & Fields for Woocommerce Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Themeisle PPOM for WooCommerce allows Code Inclusion.This issue affects PPOM for WooCommerce: from n/a through 32.0.20. | 5.3 |
| 2024-06-10 | CVE-2024-35743 | Path Traversal vulnerability in SC Filechecker Project SC Filechecker 0.6 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Siteclean SC filechecker allows Path Traversal, File Manipulation.This issue affects SC filechecker: from n/a through 0.6. | 6.5 |
| 2024-06-10 | CVE-2024-35744 | Path Traversal vulnerability in Upunzipper Project Upunzipper 1.0.0 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ravidhu Dissanayake Upunzipper allows Path Traversal, File Manipulation.This issue affects Upunzipper: from n/a through 1.0.0. | 6.5 |
| 2024-06-10 | CVE-2024-35747 | Improper Restriction of Excessive Authentication Attempts vulnerability in Contact Form Builder Project Contact Form Builder Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form Builder, Contact Widget allows Functionality Bypass.This issue affects Contact Form Builder, Contact Widget: from n/a through 2.1.7. | 5.3 |
| 2024-06-10 | CVE-2024-35749 | Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode 2.6 Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a through 2.6. | 5.3 |
| 2024-06-10 | CVE-2024-35754 | Path Traversal vulnerability in Ovic Importer Project Ovic Importer 1.6.3 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ovic Team Ovic Importer allows Path Traversal.This issue affects Ovic Importer: from n/a through 1.6.3. | 6.5 |