9.8

CVSS3.1

CVE-2024-43245 - WordPress JobSearch plugin <= 2.3.4 - Unauthenticated Account Takeover vulnerability

Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation.This issue affects JobSearch: from n/a through 2.3.4.

๐Ÿ“… Published: Aug. 19, 2024, 5:12 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

10.0

CVSS3.1

CVE-2024-43242 - WordPress Indeed Ultimate Membership Pro plugin <= 12.7 - Unauthenticated PHP Object Injection vulnโ€ฆ

Deserialization of Untrusted Data vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro.This issue affects Ultimate Membership Pro: from n/a through <= 12.7.

๐Ÿ“… Published: Aug. 19, 2024, 5:09 p.m. ๐Ÿ”„ Last Modified: April 1, 2026, 4:17 p.m.

9.4

CVSS3.1

CVE-2024-43240 - WordPress Indeed Ultimate Membership Pro plugin <= 12.7 - Unauthenticated Privilege Escalation vulnโ€ฆ

Improper Authentication vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro.This issue affects Ultimate Membership Pro: from n/a through <= 12.7.

๐Ÿ“… Published: Aug. 19, 2024, 5:07 p.m. ๐Ÿ”„ Last Modified: April 23, 2026, 3:18 p.m.

4.7

CVSS3.1

CVE-2024-43236 - WordPress Easy PayPal & Stripe Buy Now Button plugin <= 1.9 - Open Redirection vulnerability

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Scott Paterson Easy PayPal Buy Now Button.This issue affects Easy PayPal Buy Now Button: from n/a through 1.9.

๐Ÿ“… Published: Aug. 19, 2024, 5:05 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.5

CVSS3.1

CVE-2024-43232 - WordPress Timeline and History slider plugin <= 2.3 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP OnlineSupport, Essential Plugin Timeline and History slider allows PHP Local File Inclusion.This issue affects Timeline and History slider: from n/a through 2.3.

๐Ÿ“… Published: Aug. 19, 2024, 5:02 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.5

CVSS3.1

CVE-2024-43221 - WordPress JetGridBuilder plugin <= 1.1.2 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Crocoblock JetGridBuilder allows PHP Local File Inclusion.This issue affects JetGridBuilder: from n/a through 1.1.2.

๐Ÿ“… Published: Aug. 19, 2024, 5 p.m. ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

10

CVSS3.1

CVE-2024-37099 - WordPress GiveWP plugin <= 3.14.1 - Unauthenticated PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Liquid Web GiveWP allows Object Injection.This issue affects GiveWP: from n/a through 3.14.1.

๐Ÿ“… Published: Aug. 19, 2024, 4:51 p.m. ๐Ÿ”„ Last Modified: Feb. 28, 2025, 10:37 p.m.

7.8

CVSS3.1

CVE-2024-32927 -

In sendDeviceState_1_6 of RadioExt.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

๐Ÿ“… Published: Aug. 19, 2024, 4:47 p.m. ๐Ÿ”„ Last Modified: Aug. 20, 2024, 4:15 p.m.

5.9

CVSS3.1

CVE-2024-32928 -

The libcurl CURLOPT_SSL_VERIFYPEER option was disabled on a subset of requests made by Nest production devices which enabled a potential man-in-the-middle attack on requests to Google cloud services by any host the traffic was routed through.

๐Ÿ“… Published: Aug. 19, 2024, 4:38 p.m. ๐Ÿ”„ Last Modified: March 14, 2025, 4:15 p.m.

9.1

CVSS3.1

CVE-2024-43400 - XWiki Platform allows XSS through XClass name in string properties

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible for a user without Script or Programming rights to craft a URL pointing to a page with arbitrary JavaScript. This requires social engineer to trick a user to follow the URL. This โ€ฆ

๐Ÿ“… Published: Aug. 19, 2024, 4:24 p.m. ๐Ÿ”„ Last Modified: Aug. 22, 2024, 2 p.m.
Total resulsts: 347061
Page 8591 of 34,707
ยซ previous page ยป next page
Filters