4.3

CVSS3.1

CVE-2024-3893 - Classified Listing – Classified ads & Business Directory Plugin <= 3.0.10.3 - Missing Authorization…

The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the rtcl_fb_gallery_image_delete AJAX action in all versions up to, and including, 3.0.10.3. This makes it possible for authentica…

πŸ“… Published: April 25, 2024, 7:33 a.m. πŸ”„ Last Modified: April 8, 2026, 7:21 p.m.

6.4

CVSS3.1

CVE-2024-3988 - Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Element…

The Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Sina Fancy Text Widget in all versions up to, and including, 3.5.2 due to insuf…

πŸ“… Published: April 25, 2024, 7:33 a.m. πŸ”„ Last Modified: April 8, 2026, 6:21 p.m.

6.4

CVSS3.1

CVE-2024-3929 - Content Views – Post Grid & Filter, Recent Posts, Category Posts, & More (Gutenberg Blocks and Shor…

The Content Views – Post Grid & Filter, Recent Posts, Category Posts, & More (Gutenberg Blocks and Shortcode) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Widget Post Overlay block in all versions up to, and including, 3.7.0 due to insufficient input sanitization and o…

πŸ“… Published: April 25, 2024, 7:33 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.6

CVSS3.1

CVE-2024-4173 - SANnav versions exposes Kafka in the wan interface.

A vulnerability in Brocade SANnav exposes Kafka in the wan interface. The vulnerability could allow an unauthenticated attacker to perform various attacks, including DOS against the Brocade SANnav.

πŸ“… Published: April 25, 2024, 7:30 a.m. πŸ”„ Last Modified: Feb. 6, 2025, 5:53 p.m.

6.8

CVSS3.1

CVE-2024-2907 - AGCA – Custom Dashboard & Login Page < 7.2.2 - Admin+ Stored XSS via Image URL

The AGCA WordPress plugin before 7.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

πŸ“… Published: April 25, 2024, 5 a.m. πŸ”„ Last Modified: May 14, 2025, 5:45 p.m.

8.6

CVSS3.1

CVE-2024-4161 - Syslog traffic sent in clear-text

In Brocade SANnav, before Brocade SANnav v2.3.0, syslog traffic received clear text. This could allow an unauthenticated, remote attacker to capture sensitive information.

πŸ“… Published: April 25, 2024, 2:32 a.m. πŸ”„ Last Modified: Feb. 6, 2025, 5:50 p.m.

4.3

CVSS3.1

CVE-2024-4159 - Protection mechanisms

Brocade SANnav before v2.3.0a lacks protection mechanisms on port 2377/TCP and 7946/TCP, which could allow an unauthenticated attacker to sniff the SANnav Docker information.

πŸ“… Published: April 25, 2024, 1:58 a.m. πŸ”„ Last Modified: Feb. 6, 2025, 5:49 p.m.

5.3

CVSS3.1

CVE-2024-33664 - python-jose: allows attackers to cause a denial of service

python-jose through 3.3.0 allows attackers to cause a denial of service (resource consumption) during a decode via a crafted JSON Web Encryption (JWE) token with a high compression ratio, aka a "JWT bomb." This is similar to CVE-2024-21319.

πŸ“… Published: April 25, 2024, midnight πŸ”„ Last Modified: Sept. 2, 2025, 6:36 p.m.

3.5

CVSS3.1

CVE-2024-32236 -

An issue in CmsEasy v.7.7 and before allows a remote attacker to obtain sensitive information via the update function in the index.php component.

πŸ“… Published: April 25, 2024, midnight πŸ”„ Last Modified: April 14, 2025, 1:47 p.m.

9.1

CVSS3.1

CVE-2024-33661 -

Portainer before 2.20.0 allows redirects when the target is not index.yaml.

πŸ“… Published: April 25, 2024, midnight πŸ”„ Last Modified: May 21, 2025, 6:07 p.m.
Total resulsts: 349182
Page 10170 of 34,919
Β« previous page Β» next page
Filters