4.3
CVE-2024-31278 - WordPress Premium Addons for Elementor plugin <= 4.10.22 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor.This issue affects Premium Addons for Elementor: from n/a through <= 4.10.22.
5.3
CVE-2024-31298 - WordPress User Spam Remover plugin <= 1.0 - Sensitive Data Exposure via Log File vulnerability
Insertion of Sensitive Information into Log File vulnerability in Joel Hardi User Spam Remover.This issue affects User Spam Remover: from n/a through 1.0.
5.3
CVE-2024-31302 - WordPress Contact Form Email plugin <= 1.3.44 - Sensitive Data Exposure vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodePeople Contact Form Email.This issue affects Contact Form Email: from n/a through 1.3.44.
5.3
CVE-2024-31353 - WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8.
4.7
CVE-2024-31253 - WordPress WP OAuth Server (OAuth Authentication) plugin <= 4.3.3 - Open Redirection vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP OAuth Server OAuth Server.This issue affects OAuth Server: from n/a through 4.3.3.
4.7
CVE-2024-31282 - WordPress App Builder plugin <= 3.8.7 - Open Redirection vulnerability
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Appcheap.Io App Builder.This issue affects App Builder: from n/a through 3.8.7.
9.8
CVE-2024-3566 - Command injection vulnerability in programing languages on Microsoft Windows operating system.
A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.
8.5
CVE-2024-24809 - Traccar vulnerable to Path Traversal: 'dir/../../filename' and Unrestricted Upload of File with Danβ¦
Traccar is an open source GPS tracking system. Versions prior to 6.0 are vulnerable to path traversal and unrestricted upload of file with dangerous type. Since the system allows registration by default, attackers can acquire ordinary user permissions by registering an account and exploit this vulnβ¦
5
CVE-2024-3448 - Improper Access Control Leads to Server-Side Request Forgery in Mautic
Users with low privileges can perform certain AJAX actions. In this vulnerability instance, improper access to ajax?action=plugin:focus:checkIframeAvailability leads to a Server-Side Request Forgery by analyzing the error messages returned from the back-end. Allowing an attacker to perform a port β¦
5.4
CVE-2024-2731 - Improper Access Control Issues Lead to Sensitive Data Exposure in Mautic
Users with low privileges (all permissions deselected in the administrator permissions settings) can view certain pages that expose sensitive information such as company names, users' names and surnames, stage names, and monitoring campaigns and their descriptions. In addition, unprivileged users cβ¦