Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-09	CVE-2024-5458	Insufficient Verification of Data Authenticity vulnerability in multiple products In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being treated as valid user information. network low complexity php fedoraproject CWE-345	5.3
2024-06-09	CVE-2024-32704	Missing Authorization vulnerability in Reputeinfosystems Arforms Missing Authorization vulnerability in reputeinfosystems ARForms.This issue affects ARForms: from n/a through 6.4. network low complexity reputeinfosystems CWE-862	6.5
2024-06-09	CVE-2023-34003	Missing Authorization vulnerability in Woocommerce BOX Office Missing Authorization vulnerability in Woo WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.1.51. network low complexity woocommerce CWE-862	5.3
2024-06-09	CVE-2024-24716	Missing Authorization vulnerability in Getawesomesupport Awesome Support 6.0.13 Missing Authorization vulnerability in Awesome Support Team Awesome Support.This issue affects Awesome Support: from n/a through 6.1.6. network low complexity getawesomesupport CWE-862	5.4
2024-06-09	CVE-2023-52230	Missing Authorization vulnerability in Booster for Woocommerce Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.3. network low complexity booster CWE-862	6.5
2024-06-09	CVE-2023-52232	Missing Authorization vulnerability in Booster for Woocommerce 5.6.5/5.6.6 Missing Authorization vulnerability in Pluggabl LLC Booster Plus for WooCommerce.This issue affects Booster Plus for WooCommerce: from n/a before 7.1.2. network low complexity booster CWE-862	6.5
2024-06-08	CVE-2024-21748	Missing Authorization vulnerability in Icegram Express Missing Authorization vulnerability in Icegram.This issue affects Icegram: from n/a through 3.1.21. network low complexity icegram CWE-862	5.4
2024-06-08	CVE-2024-35679	Cross-site Scripting vulnerability in Givewp Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in GiveWP allows Reflected XSS.This issue affects GiveWP: from n/a through 3.12.0. network low complexity givewp CWE-79	6.1
2024-06-08	CVE-2024-35681	Cross-site Scripting vulnerability in Gvectors Wpdiscuz Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.18. network low complexity gvectors CWE-79	5.4
2024-06-08	CVE-2024-35682	Unspecified vulnerability in Themeisle Otter Blocks Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter Blocks PRO.This issue affects Otter Blocks PRO: from n/a through 2.6.11. network low complexity themeisle	5.3

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium