4.3
CVE-2021-1465 -
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a directory traversal attack and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTPβ¦
6.5
CVE-2024-37155 - OpenCTI May Bypass Introspection Restriction
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Prior to version 6.1.9, the regex validation used to prevent Introspection queries can be bypassed by removing the extra whitespace, carriage return, and line feed characteβ¦
9.3
CVE-2024-52431 - WordPress WP Video Robot plugin <= 1.20.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pressaholic WordPress Video Robot - The Ultimate Video Importer allows SQL Injection.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through 1.20.0.
7.2
CVE-2024-52435 - WordPress Premium Packages β Sell Digital Products Securely plugin <= 6.0.5 - SQL Injection vulneraβ¦
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjada WPDM β Premium Packages wpdm-premium-packages.This issue affects WPDM β Premium Packages: from n/a through <= 6.0.5.
7.2
CVE-2024-52436 - WordPress Post SMTP plugin <= 2.9.9 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal Post SMTP post-smtp allows Blind SQL Injection.This issue affects Post SMTP: from n/a through <= 2.9.9.
9.8
CVE-2024-52428 - WordPress Ads Booster by Ads Pro plugin <= 1.12 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Peter Ads Booster by Ads Pro free-wp-booster-by-ads-pro allows PHP Local File Inclusion.This issue affects Ads Booster by Ads Pro: from n/a through <= 1.12.
9.8
CVE-2024-52430 - WordPress Lis Video Gallery plugin <= 0.2.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in bublick Lis Video Gallery lis-video-gallery allows Object Injection.This issue affects Lis Video Gallery: from n/a through <= 0.2.1.
5.1
CVE-2024-11304 - Multiple Stored Cross-Site Scripting
Missing input validation in the SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 web-interface allows stored Cross-Site Scripting (XSS). This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below.
9.8
CVE-2024-52432 - WordPress NIX Anti-Spam Light plugin <= 0.0.4 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in NIX Solutions Ltd NIX Anti-Spam Light nix-anti-spam-light allows Object Injection.This issue affects NIX Anti-Spam Light: from n/a through <= 0.0.4.
9.8
CVE-2024-52433 - WordPress My Geo Posts Free plugin <= 1.2 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Mindstien Technologies My Geo Posts Free my-geo-posts-free allows Object Injection.This issue affects My Geo Posts Free: from n/a through <= 1.2.