Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-28 | CVE-2024-6448 | The Mollie Payments for WooCommerce plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 7.7.0. | 5.3 |
| 2024-08-28 | CVE-2024-7573 | The Relevanssi Live Ajax Search plugin for WordPress is vulnerable to argument injection in all versions up to, and including, 2.4. network low complexity | 5.3 |
| 2024-08-27 | CVE-2024-8216 | Unspecified vulnerability in Insurance Management System Project Insurance Management System 1.0 A vulnerability, which was classified as critical, has been found in nafisulbari/itsourcecode Insurance Management System 1.0. | 5.4 |
| 2024-08-27 | CVE-2022-39996 | Cross-site Scripting vulnerability in Teldat Rs123 Firmware and Rs123W Firmware Cross Site Scripting vulnerability in Teldats Router RS123, RS123w allows attacker to execute arbitrary code via the cmdcookie parameter to the upgrade/query.php page. | 4.8 |
| 2024-08-27 | CVE-2024-8208 | Cross-site Scripting vulnerability in Insurance Management System Project Insurance Management System 1.0 A vulnerability has been found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. | 6.1 |
| 2024-08-27 | CVE-2024-8209 | Cross-site Scripting vulnerability in Insurance Management System Project Insurance Management System 1.0 A vulnerability was found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. | 6.1 |
| 2024-08-27 | CVE-2024-43788 | Cross-site Scripting vulnerability in Webpack.Js Webpack Webpack is a module bundler. | 6.1 |
| 2024-08-27 | CVE-2024-40395 | Authorization Bypass Through User-Controlled Key vulnerability in PTC Thingworx 9.5.0 An Insecure Direct Object Reference (IDOR) in PTC ThingWorx v9.5.0 allows attackers to view sensitive information, including PII, regardless of access level. | 6.5 |
| 2024-08-27 | CVE-2024-8199 | Missing Authorization vulnerability in Smashballoon Reviews Feed The Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'update_api_key' function in all versions up to, and including, 1.1.2. | 4.3 |
| 2024-08-27 | CVE-2024-8200 | Cross-Site Request Forgery (CSRF) vulnerability in Smashballoon Reviews Feed The Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.2. | 4.3 |