7.1

CVSS3.1

CVE-2024-51687 - WordPress Platform.ly Official plugin <= 1.1.3 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Platform.ly Platform.ly Official platformly allows Stored XSS.This issue affects Platform.ly Official: from n/a through <= 1.1.3.

πŸ“… Published: Nov. 14, 2024, 8:25 p.m. πŸ”„ Last Modified: April 23, 2026, 3:20 p.m.

7.1

CVSS3.1

CVE-2024-51688 - WordPress FraudLabs Pro SMS Verification plugin <= 1.10.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in fraudlabspro FraudLabs Pro SMS Verification fraudlabs-pro-sms-verification allows Stored XSS.This issue affects FraudLabs Pro SMS Verification: from n/a through <= 1.10.1.

πŸ“… Published: Nov. 14, 2024, 8:04 p.m. πŸ”„ Last Modified: April 23, 2026, 3:20 p.m.

5.4

CVSS3.1

CVE-2024-49025 - Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

πŸ“… Published: Nov. 14, 2024, 7:49 p.m. πŸ”„ Last Modified: July 8, 2025, 3:41 p.m.

7.7

CVSS4.0

CVE-2024-10397 - Preallocated buffer overflows in XDR responses

A malicious server can crash the OpenAFS cache manager and other clientΒ utilities, and possibly execute arbitrary code.

πŸ“… Published: Nov. 14, 2024, 7:33 p.m. πŸ”„ Last Modified: Dec. 23, 2025, 3:15 p.m.

6.5

CVSS3.1

CVE-2024-10396 - Fileserver crash and possible information leak on StoreACL/FetchACL

An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash, possibly expose uninitialized memory, and possibly store garbage data in the audit log. Malformed ACLs provided in responses to client FetchACL RPCs can cause client processes to cra…

πŸ“… Published: Nov. 14, 2024, 7:30 p.m. πŸ”„ Last Modified: Dec. 23, 2025, 4:16 p.m.

8.4

CVSS4.0

CVE-2024-10394 - Theft of credentials in Unix client PAGs

A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user stealΒ the credentials in that PAG.

πŸ“… Published: Nov. 14, 2024, 7:07 p.m. πŸ”„ Last Modified: Dec. 23, 2025, 4:16 p.m.

7.5

CVSS3.1

CVE-2024-3760 - Email Bombing Vulnerability in lunary-ai/lunary

In lunary-ai/lunary version 1.2.7, there is a lack of rate limiting on the forgot password page, leading to an email bombing vulnerability. Attackers can exploit this by automating forgot password requests to flood targeted user accounts with a high volume of password reset emails. This not only ov…

πŸ“… Published: Nov. 14, 2024, 6:26 p.m. πŸ”„ Last Modified: Nov. 18, 2024, 10:02 p.m.

9.9

CVSS3.1

CVE-2024-52369 - WordPress KBucket plugin <= 4.2.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Optimal Access KBucket kbucket allows Upload a Web Shell to a Web Server.This issue affects KBucket: from n/a through <= 4.2.2.

πŸ“… Published: Nov. 14, 2024, 6:16 p.m. πŸ”„ Last Modified: April 23, 2026, 3:21 p.m.

9.9

CVSS3.1

CVE-2024-52370 - WordPress Hive Support – WordPress Help Desk, Live Chat & AI Chat Bot Plugin for WordPress plugin <…

Unrestricted Upload of File with Dangerous Type vulnerability in Hive Support Hive Support hive-support allows Upload a Web Shell to a Web Server.This issue affects Hive Support: from n/a through <= 1.1.1.

πŸ“… Published: Nov. 14, 2024, 6:13 p.m. πŸ”„ Last Modified: April 23, 2026, 3:21 p.m.

10

CVSS3.1

CVE-2024-52372 - WordPress Easy CSV Importer plugin <= 7.0.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in WebTechGlobal Easy CSV Importer BETA easy-csv-importer allows Upload a Web Shell to a Web Server.This issue affects Easy CSV Importer BETA: from n/a through <= 7.0.0.

πŸ“… Published: Nov. 14, 2024, 6:12 p.m. πŸ”„ Last Modified: April 23, 2026, 3:21 p.m.
Total resulsts: 349182
Page 7873 of 34,919
Β« previous page Β» next page
Filters