9.8

CVSS3.1

CVE-2023-51472 - WordPress Checkout Mestres WP plugin <= 7.1.9.7 - Unauthenticated Account Takeover vulnerability

Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Privilege Escalation.This issue affects Checkout Mestres WP: from n/a through 7.1.9.7.

πŸ“… Published: April 24, 2024, 4:39 p.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

7.1

CVSS3.1

CVE-2024-3371 - Insufficient validation of external input in Compass may enable MITM attacks

MongoDB Compass may accept and use insufficiently validated input from an untrusted external source. This may cause unintended application behavior, including data disclosure and enabling attackers to impersonate users. This issue affects MongoDB Compass versions 1.35.0 to 1.42.0.

πŸ“… Published: April 24, 2024, 4:32 p.m. πŸ”„ Last Modified: Feb. 6, 2025, 5:58 p.m.

8.8

CVSS3.1

CVE-2024-4118 - Tenda W15E addIpMacBind formIPMacBindAdd stack-based overflow

A vulnerability was found in Tenda W15E 15.11.0.14. It has been classified as critical. This affects the function formIPMacBindAdd of the file /goform/addIpMacBind. The manipulation of the argument IPMacBindRule leads to stack-based buffer overflow. It is possible to initiate the attack remotely. T…

πŸ“… Published: April 24, 2024, 4:31 p.m. πŸ”„ Last Modified: Jan. 15, 2025, 6:42 p.m.

8.2

CVSS3.1

CVE-2023-51471 - WordPress Checkout Mestres WP plugin <= 7.1.9.7 - Unauthenticated Arbitrary Options Update vulnerab…

Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Checkout Mestres WP: from n/a through 7.1.9.7.

πŸ“… Published: April 24, 2024, 4:14 p.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

9.8

CVSS3.1

CVE-2023-51425 - WordPress Rencontre plugin <= 3.10.1 - Unauthenticated Account Takeover vulnerability

Improper Privilege Management vulnerability in Jacques Malgrange Rencontre – Dating Site allows Privilege Escalation.This issue affects Rencontre – Dating Site: from n/a through 3.10.1.

πŸ“… Published: April 24, 2024, 4:05 p.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

8.2

CVSS3.1

CVE-2023-51405 - WordPress BookingPress plugin <= 1.0.74 - Booking Price Manipulation vulnerability

Improper Authentication vulnerability in Repute Infosystems BookingPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects BookingPress: from n/a through 1.0.74.

πŸ“… Published: April 24, 2024, 4:03 p.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

5.3

CVSS3.1

CVE-2023-48763 - WordPress JetFormBuilder plugin <= 3.1.4 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS vulnerability in Crocoblock JetFormBuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through 3.1.4.

πŸ“… Published: April 24, 2024, 4:01 p.m. πŸ”„ Last Modified: April 28, 2026, 4:08 p.m.

8.8

CVSS3.1

CVE-2024-4117 - Tenda W15E DelPortMapping formDelPortMapping stack-based overflow

A vulnerability was found in Tenda W15E 15.11.0.14 and classified as critical. Affected by this issue is the function formDelPortMapping of the file /goform/DelPortMapping. The manipulation of the argument portMappingIndex leads to stack-based buffer overflow. The attack may be launched remotely. T…

πŸ“… Published: April 24, 2024, 4 p.m. πŸ”„ Last Modified: Jan. 15, 2025, 6:42 p.m.

8.8

CVSS3.1

CVE-2024-4116 - Tenda W15E DelDhcpRule formDelDhcpRule stack-based overflow

A vulnerability has been found in Tenda W15E 15.11.0.14 and classified as critical. Affected by this vulnerability is the function formDelDhcpRule of the file /goform/DelDhcpRule. The manipulation of the argument delDhcpIndex leads to stack-based buffer overflow. The attack can be launched remotely…

πŸ“… Published: April 24, 2024, 4 p.m. πŸ”„ Last Modified: Jan. 15, 2025, 6:42 p.m.

5.4

CVSS3.1

CVE-2023-47774 - WordPress Jetpack plugin < 12.7 - Auth. Iframe Injection vulnerability

Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows Clickjacking.This issue affects Jetpack: from n/a before 12.7.

πŸ“… Published: April 24, 2024, 3:58 p.m. πŸ”„ Last Modified: April 28, 2026, 4:08 p.m.
Total resulsts: 349182
Page 10175 of 34,919
Β« previous page Β» next page
Filters