8.8

CVSS3.1

CVE-2024-10913 - Clone <= 2.4.6 - Unauthenticated PHP Object Injection via 'recursive_unserialized_replace'

The Clone plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.4.6 via deserialization of untrusted input in the 'recursive_unserialized_replace' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain iโ€ฆ

๐Ÿ“… Published: Nov. 20, 2024, 1:55 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

10

CVSS4.0

CVE-2024-9479 -

Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Escalation.This issue affects upKeeper Instant Privilege Access: before 1.2.

๐Ÿ“… Published: Nov. 20, 2024, 1:34 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

10

CVSS4.0

CVE-2024-9478 -

Improper Privilege Management vulnerability in upKeeper Solutions upKeeper Instant Privilege Access allows Privilege Escalation.This issue affects upKeeper Instant Privilege Access: before 1.2.

๐Ÿ“… Published: Nov. 20, 2024, 1:31 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-11495 - Buffer overflow in OllyDbg

Buffer overflow vulnerability in OllyDbg, version 1.10, which could allow a local attacker to execute arbitrary code due to lack of proper bounds checking.

๐Ÿ“… Published: Nov. 20, 2024, 12:28 p.m. ๐Ÿ”„ Last Modified: Nov. 4, 2025, 5:54 p.m.

8.8

CVSS3.1

CVE-2024-52437 - WordPress Banner System plugin <= 1.0.0 - Privilege Escalation vulnerability

Missing Authentication for Critical Function vulnerability in Saul Morales Pacheco Banner System banner-system allows Privilege Escalation.This issue affects Banner System: from n/a through <= 1.0.0.

๐Ÿ“… Published: Nov. 20, 2024, noon ๐Ÿ”„ Last Modified: April 23, 2026, 3:21 p.m.

6.9

CVSS3.1

CVE-2024-11406 - Stored XSS in django CMS Attributes Fields

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in django CMS Association django CMS Attributes Fields allows Stored XSS.This issue affects django CMS Attributes Fields: before 4.0.

๐Ÿ“… Published: Nov. 20, 2024, noon ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.8

CVSS3.1

CVE-2024-52438 - WordPress de:branding plugin <= 1.0.2 - Privilege Escalation vulnerability

Missing Authentication for Critical Function vulnerability in deco.agency de:branding debranding allows Privilege Escalation.This issue affects de:branding: from n/a through <= 1.0.2.

๐Ÿ“… Published: Nov. 20, 2024, 11:59 a.m. ๐Ÿ”„ Last Modified: April 23, 2026, 3:21 p.m.

9.8

CVSS3.1

CVE-2024-52442 - WordPress UserPlus plugin <= 2.0 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in userplus UserPlus userplus allows Privilege Escalation.This issue affects UserPlus: from n/a through <= 2.0.

๐Ÿ“… Published: Nov. 20, 2024, 11:56 a.m. ๐Ÿ”„ Last Modified: April 23, 2026, 3:21 p.m.

5.5

CVSS3.1

CVE-2024-11404 - File Upload Bypass in django Filer

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in django CMS Association django Filer allows Input Data Manipulation, Stored XSS.This issue affects django Filer: from 3 before 3.3.

๐Ÿ“… Published: Nov. 20, 2024, 11:55 a.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.2

CVSS3.1

CVE-2024-52451 - WordPress Post Ideas plugin <= 2 - CSRF to SQL Injection vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in aaronrobbins Post Ideas post-ideas allows SQL Injection.This issue affects Post Ideas: from n/a through <= 2.

๐Ÿ“… Published: Nov. 20, 2024, 11:54 a.m. ๐Ÿ”„ Last Modified: April 23, 2026, 3:21 p.m.
Total resulsts: 349182
Page 7777 of 34,919
ยซ previous page ยป next page
Filters