7.5

CVSS3.1

CVE-2024-37224 - WordPress SP Project & Document Manager plugin <= 4.71 - Directory Traversal vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager: from n/a through 4.71.

πŸ“… Published: July 9, 2024, 9:59 a.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:23 a.m.

3.5

CVSS3.1

CVE-2024-35777 - WordPress WooCommerce plugin <= 8.9.2 - Content Injection vulnerability

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Automattic WooCommerce allows Content Spoofing.This issue affects WooCommerce: from n/a through 8.9.2.

πŸ“… Published: July 9, 2024, 9:57 a.m. πŸ”„ Last Modified: July 13, 2025, 11:21 a.m.

7.7

CVSS3.1

CVE-2023-3285 - A BOLA vulnerability in POST /appointments in EasyAppointments < 1.5.0

A BOLA vulnerability in POST /appointments allows a low privileged user to create an appointment for any user in the system (including admin). This results in unauthorized data manipulation.

πŸ“… Published: July 9, 2024, 9:37 a.m. πŸ”„ Last Modified: Nov. 21, 2024, 8:16 a.m.

8.5

CVSS3.1

CVE-2024-37090 - SQL Injection vulnerability in multiple StylemixThemes premium themes

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Masterstudy Elementor Widgets, StylemixThemes Consulting Elementor Widgets.This issue affects Masterstudy Elementor Widgets: from n/a through 1.2.2; Consulting Elementor Widgets: fro…

πŸ“… Published: July 9, 2024, 9:14 a.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:23 a.m.

10

CVSS3.1

CVE-2024-37112 - WordPress WishList Member X plugin < 3.26.7 - Unauthenticated Arbitrary SQL Query Execution vulnera…

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Membership Software WishList Member X.This issue affects WishList Member X: from n/a before 3.26.7.

πŸ“… Published: July 9, 2024, 9:07 a.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:23 a.m.

8.5

CVSS3.1

CVE-2024-37225 - WordPress Zoho Marketing Automation plugin <= 1.2.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Zoho Marketing Automation.This issue affects Zoho Marketing Automation: from n/a through 1.2.7.

πŸ“… Published: July 9, 2024, 9:06 a.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:23 a.m.

7.6

CVSS3.1

CVE-2024-37256 - WordPress Tutor LMS plugin <= 2.7.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.1.

πŸ“… Published: July 9, 2024, 9:02 a.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:23 a.m.

7.6

CVSS3.1

CVE-2024-37486 - WordPress Paid Memberships Pro plugin <= 3.0.5 - Authenticated SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Paid Memberships Pro.This issue affects Paid Memberships Pro: from n/a through 3.0.5.

πŸ“… Published: July 9, 2024, 9:01 a.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:23 a.m.

8.5

CVSS3.1

CVE-2024-37494 - WordPress Youzify plugin <= 1.2.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in KaineLabs Youzify.This issue affects Youzify: from n/a through 1.2.5.

πŸ“… Published: July 9, 2024, 8:59 a.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:23 a.m.

7.5

CVSS3.1

CVE-2024-37502 - WordPress Social Login plugin <= 2.6.3 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in wpweb WooCommerce Social Login woo-social-login.This issue affects WooCommerce Social Login: from n/a through <= 2.6.3.

πŸ“… Published: July 9, 2024, 8:57 a.m. πŸ”„ Last Modified: April 1, 2026, 4:17 p.m.
Total resulsts: 343446
Page 8658 of 34,345
Β« previous page Β» next page
Filters