6.8
CVE-2024-12654 - FabulaTech USB over Network IOCT ftusbbus2.sys 0x220408 null pointer dereference
A vulnerability classified as problematic was found in FabulaTech USB over Network 6.0.6.1. Affected by this vulnerability is the function 0x220408 in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. Theβ¦
4.3
CVE-2024-54357 - WordPress Avada theme <= 7.11.10 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada avada.This issue affects Avada: from n/a through <= 7.11.10.
7.5
CVE-2024-54376 - WordPress EazyDocs plugin <= 2.8.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Spider Themes EazyDocs eazydocs allows PHP Local File Inclusion.This issue affects EazyDocs: from n/a through <= 2.8.0.
4.3
CVE-2024-56003 - WordPress Caldera SMTP Mailer plugin <= 1.0.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in David Cramer Caldera SMTP Mailer caldera-smtp-mailer.This issue affects Caldera SMTP Mailer: from n/a through <= 1.0.1.
5.3
CVE-2024-55999 - WordPress XML Multilanguage Sitemap Generator plugin <= 2.0.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Marco Giannini XML Multilanguage Sitemap Generator xml-multilanguage-sitemap-generator.This issue affects XML Multilanguage Sitemap Generator: from n/a through <= 2.0.6.
6.5
CVE-2024-54348 - WordPress Brandy theme <= 1.1.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in yaycommerce Brand brand allows Stored XSS.This issue affects Brand: from n/a through <= 1.1.6.
9.1
CVE-2024-54285 - WordPress SeedProd Pro plugin <= 6.18.10 - Remote Code Execution (RCE) vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in SeedProd LLC SeedProd Pro allows Upload a Web Shell to a Web Server.This issue affects SeedProd Pro: from n/a through 6.18.10.
7.6
CVE-2024-54284 - WordPress SeedProd Pro plugin <= 6.18.10 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through 6.18.10.
7.6
CVE-2024-54283 - WordPress SeedProd Pro plugin <= 6.18.10 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SeedProd LLC SeedProd Pro allows SQL Injection.This issue affects SeedProd Pro: from n/a through 6.18.10.
9.3
CVE-2024-54280 - WordPress WPBookit plugin <= 1.6.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design WPBookit wpbookit allows SQL Injection.This issue affects WPBookit: from n/a through <= 1.6.0.