4.3

CVSS3.1

CVE-2024-28949 - DoS via a large number of User Preferences

Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 9.4.4, 9.3.x before 9.3.3, 8.1.x before 8.1.11 don't limit the number of user preferences which allows an attacker to send a large number of user preferences potentially causing denial of service.

πŸ“… Published: April 5, 2024, 8:14 a.m. πŸ”„ Last Modified: Dec. 12, 2024, 9:38 p.m.

3.1

CVSS3.1

CVE-2024-21848 - Users maintain access to active call after being removed from a channel

Improper Access Control in Mattermost Server versions 8.1.x before 8.1.11 allows an attacker that is in a channel with an active call to keep participating in the call even if they are removed from the channel

πŸ“… Published: April 5, 2024, 8:13 a.m. πŸ”„ Last Modified: Feb. 27, 2025, 7:28 p.m.

8.8

CVSS3.1

CVE-2024-2115 - LearnPress – WordPress LMS Plugin <= 4.0.0 - Cross-Site Request Forgery to Privilege Escalation

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.0.0. This is due to missing or incorrect nonce validation on the filter_users functions. This makes it possible for unauthenticated attackers to elevate the…

πŸ“… Published: April 5, 2024, 7:34 a.m. πŸ”„ Last Modified: April 8, 2026, 6:20 p.m.

8.8

CVSS3.1

CVE-2024-3217 - WP Directory Kit <= 1.3.0 - Authenticated (Subscriber+) SQL Injection

The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value' and 'attribute_id' parameters in all versions up to, and including, 1.3.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Thi…

πŸ“… Published: April 5, 2024, 7:34 a.m. πŸ”„ Last Modified: April 8, 2026, 5:18 p.m.

0.0

CVE-2024-31631 -

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.

πŸ“… Published: April 5, 2024, 5:37 a.m. πŸ”„ Last Modified: June 5, 2024, 5:15 p.m.

0.0

CVE-2024-31629 -

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.

πŸ“… Published: April 5, 2024, 5:37 a.m. πŸ”„ Last Modified: June 5, 2024, 5:15 p.m.

0.0

CVE-2024-31628 -

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.

πŸ“… Published: April 5, 2024, 5:37 a.m. πŸ”„ Last Modified: June 5, 2024, 5:15 p.m.

0.0

CVE-2024-31630 -

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.

πŸ“… Published: April 5, 2024, 5:37 a.m. πŸ”„ Last Modified: June 5, 2024, 5:15 p.m.

0.0

CVE-2024-31625 -

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.

πŸ“… Published: April 5, 2024, 5:37 a.m. πŸ”„ Last Modified: June 5, 2024, 5:15 p.m.

0.0

CVE-2024-31626 -

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evidence to determine the existence of a vulnerability.

πŸ“… Published: April 5, 2024, 5:37 a.m. πŸ”„ Last Modified: June 5, 2024, 5:15 p.m.
Total resulsts: 349182
Page 10425 of 34,919
Β« previous page Β» next page
Filters