9.1

CVSS3.1

CVE-2024-35767 - WordPress Squeeze plugin <= 1.4 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Bogdan Bendziukov Squeeze allows Code Injection.This issue affects Squeeze: from n/a through 1.4.

πŸ“… Published: June 21, 2024, 4 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:20 a.m.

9.8

CVSS3.1

CVE-2023-38389 - WordPress Jupiter X Core plugin <= 3.3.8 - Unauthenticated Account Takeover vulnerability

Incorrect Authorization vulnerability in Artbees JupiterX Core allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JupiterX Core: from n/a through 3.3.8.

πŸ“… Published: June 21, 2024, 3:58 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 8:13 a.m.

3.7

CVSS3.1

CVE-2022-44593 - WordPress Solid Security plugin <= 9.3.1 - IP Spoofing Leading to Denial of Service vulnerability

Use of Less Trusted Source vulnerability in SolidWP Solid Security allows HTTP DoS.This issue affects Solid Security: from n/a through 9.3.1.

πŸ“… Published: June 21, 2024, 3:56 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 7:28 a.m.

5.3

CVSS3.1

CVE-2022-44587 - WordPress WP 2FA plugin <= 2.6.3 - Sensitive Data Exposure via Log File vulnerability

Insertion of Sensitive Information into Log File vulnerability in WP 2FA allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP 2FA: from n/a through 2.6.3.

πŸ“… Published: June 21, 2024, 3:54 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 7:28 a.m.

4.3

CVSS3.1

CVE-2022-38055 - WordPress wpForo Forum plugin <= 2.0.9 - Auth. HTML Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in gVectors Team wpForo Forum allows Content Spoofing.This issue affects wpForo Forum: from n/a through 2.0.9.

πŸ“… Published: June 21, 2024, 3:52 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 7:15 a.m.

9.2

CVSS4.0

CVE-2023-45197 - Adminer and AdminerEvo vulnerable to directory traversal and file upload

The file upload plugin in Adminer and AdminerEvo allows an attacker to upload a file with a table name of β€œ..” to the root of the Adminer directory. The attacker can effectively guess the name of the uploaded file and execute it. Adminer is no longer supported, but this issue was fixed in AdminerEv…

πŸ“… Published: June 21, 2024, 2:28 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 8:26 a.m.

5.4

CVSS3.1

CVE-2024-37118 - WordPress Uncanny Automator Pro plugin <= 5.3 - Cross Site Request Forgery (CSRF) Leading to Licens…

Cross Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Automator Pro.This issue affects Uncanny Automator Pro: from n/a through 5.3.

πŸ“… Published: June 21, 2024, 1:47 p.m. πŸ”„ Last Modified: March 26, 2025, 2:15 p.m.

4.3

CVSS3.1

CVE-2024-37198 - WordPress Digital Newspaper theme <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in blazethemes Digital Newspaper.This issue affects Digital Newspaper: from n/a through 1.1.5.

πŸ“… Published: June 21, 2024, 1:46 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:23 a.m.

8.3

CVSS3.1

CVE-2024-37212 - WordPress AliExpress Dropshipping with AliNext Lite plugin <= 3.3.5 - CSRF to PHP Object Injection …

Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Ali2Woo Lite.This issue affects Ali2Woo Lite: from n/a through 3.3.5.

πŸ“… Published: June 21, 2024, 1:45 p.m. πŸ”„ Last Modified: Feb. 27, 2026, 9:48 p.m.

4.3

CVSS3.1

CVE-2024-37227 - WordPress Newsletters plugin <= 4.9.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters.This issue affects Newsletters: from n/a through 4.9.7.

πŸ“… Published: June 21, 2024, 1:40 p.m. πŸ”„ Last Modified: Feb. 27, 2026, 3:13 p.m.
Total resulsts: 342258
Page 8667 of 34,226
Β« previous page Β» next page
Filters