7.8
CVE-2024-30336 - Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious pageβ¦
4.9
CVE-2024-30531 - WordPress Nelio Content plugin <= 3.2.0 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery (SSRF) vulnerability in Nelio Software Nelio Content.This issue affects Nelio Content: from n/a through 3.2.0.
4.9
CVE-2024-30532 - WordPress Builderall Builder for WordPress plugin <= 2.0.1 - Server Side Request Forgery (SSRF) vulβ¦
Server-Side Request Forgery (SSRF) vulnerability in Builderall Team Builderall Builder for WordPress.This issue affects Builderall Builder for WordPress: from n/a through 2.0.1.
6.4
CVE-2024-24888 - WordPress Gutenberg Blocks by Kadence Blocks plugin <= 3.2.25 - Server Side Request Forgery (SSRF) β¦
Server-Side Request Forgery (SSRF) vulnerability in StellarWP Gutenberg Blocks by Kadence Blocks kadence-blocks.This issue affects Gutenberg Blocks by Kadence Blocks: from n/a through <= 3.2.25.
7.1
CVE-2024-30335 - Foxit PDF Reader AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability
Foxit PDF Reader AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target musβ¦
7.1
CVE-2024-31105 - WordPress Tax Rate Upload plugin <= 2.4.5 - CSRF leading to Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Adam Bowen Tax Rate Upload allows Reflected XSS.This issue affects Tax Rate Upload: from n/a through 2.4.5.
7.1
CVE-2024-31109 - WordPress Woocommerce Social Media Share Buttons plugin <= 1.3.0 - CSRF to Cross Site Scripting (XSβ¦
Cross-Site Request Forgery (CSRF) vulnerability in Toastie Studio Woocommerce Social Media Share Buttons allows Stored XSS.This issue affects Woocommerce Social Media Share Buttons: from n/a through 1.3.0.
4.3
CVE-2024-3151 - Bdtask Multi-Store Inventory Management System Stock Movement Page cross-site request forgery
A vulnerability, which was classified as problematic, was found in Bdtask Multi-Store Inventory Management System up to 20240325. Affected is an unknown function of the file /stockmovment/stockmovment/delete/ of the component Stock Movement Page. The manipulation leads to cross-site request forgeryβ¦
4.3
CVE-2024-2435 - Stored XSS in Timeline View
For an attacker with pre-existing access to send a signal to a workflow, the attacker can make the signal name a script that executes when a victim views that signal. The XSS is in the timeline page displaying the workflow execution details of the workflow that was sent the crafted signal. Access tβ¦
7.1
CVE-2024-22248 -
VMware SD-WAN Orchestrator contains an open redirect vulnerability. A malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure.