Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-04 | CVE-2024-8411 | Cross-site Scripting vulnerability in Abcd-Community Abcd 2.2.0 A vulnerability, which was classified as problematic, has been found in ABCD ABCD2 up to 2.2.0-beta-1. | 4.3 |
| 2024-09-04 | CVE-2024-8407 | Cross-site Scripting vulnerability in Alwindoss Akademy A vulnerability was found in alwindoss akademy up to 35caccea888ed63d5489e211c99edff1f62efdba. | 5.4 |
| 2024-09-04 | CVE-2024-44383 | Command Injection vulnerability in Wayos Fbm-291W Firmware 19.09.11 WAYOS FBM-291W v19.09.11 is vulnerable to Command Execution via msp_info_htm. | 6.8 |
| 2024-09-04 | CVE-2024-8413 | Cross-site Scripting vulnerability in Raspcontrol Project Raspcontrol 1.0 Cross Site Scripting (XSS) vulnerability through the action parameter in index.php. | 6.1 |
| 2024-09-04 | CVE-2024-7870 | The PixelYourSite – Your smart PIXEL (TAG) & API Manager and the PixelYourSite PRO plugins for WordPress are vulnerable to Sensitive Information Exposure in all versions up to, and including, 9.7.1 and 10.4.2, respectively, through publicly exposed log files. | 6.5 |
| 2024-09-04 | CVE-2024-8318 | The Attributes for Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘attributesForBlocks’ parameter in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. | 6.4 |
| 2024-09-04 | CVE-2024-8104 | Path Traversal vulnerability in Wpextended WP Extended The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.0.8 via the download_file_ajax function. | 6.5 |
| 2024-09-04 | CVE-2024-8106 | Unspecified vulnerability in Wpextended WP Extended The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0.8 via the download_user_ajax function. | 6.5 |
| 2024-09-04 | CVE-2024-8117 | Cross-site Scripting vulnerability in Wpextended WP Extended The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘selected_option’ parameter in all versions up to, and including, 3.0.8 due to insufficient input sanitization and output escaping. | 6.1 |
| 2024-09-04 | CVE-2024-8119 | Cross-site Scripting vulnerability in Wpextended WP Extended The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the page parameter in all versions up to, and including, 3.0.8 due to insufficient input sanitization and output escaping. | 6.1 |