6.9

CVSS4.0

CVE-2024-7926 - ZZCMS about_edit.php path traversal

A vulnerability classified as critical has been found in ZZCMS 2023. Affected is an unknown function of the file /admin/about_edit.php?action=modify. The manipulation of the argument skin leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the pu…

πŸ“… Published: Aug. 19, 2024, 7:31 p.m. πŸ”„ Last Modified: Sept. 4, 2024, 6:42 p.m.

0.0

CVE-2024-43354 - WordPress myCred plugin <= 2.7.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Saad Iqbal myCred mycred.This issue affects myCred: from n/a through <= 2.7.2.

πŸ“… Published: Aug. 19, 2024, 7:30 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2024-43345 - WordPress Landing Page Builder plugin <= 1.5.2.0 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PluginOps Landing Page Builder allows PHP Local File Inclusion.This issue affects Landing Page Builder: from n/a through 1.5.2.0.

πŸ“… Published: Aug. 19, 2024, 7:28 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

8.3

CVSS3.1

CVE-2024-43328 - WordPress EmbedPress plugin <= 4.0.9 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPDeveloper EmbedPress allows PHP Local File Inclusion.This issue affects EmbedPress: from n/a through 4.0.9.

πŸ“… Published: Aug. 19, 2024, 7:26 p.m. πŸ”„ Last Modified: April 5, 2025, 12:30 a.m.

5.4

CVSS3.1

CVE-2024-43326 - WordPress Plugin Notes Plus plugin <= 1.2.7 - Arbitrary Content Deletion vulnerability

Missing Authorization vulnerability in Jamie Bergen Plugin Notes Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Plugin Notes Plus: from n/a through 1.2.7.

πŸ“… Published: Aug. 19, 2024, 7:25 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.3

CVSS3.1

CVE-2024-43317 - WordPress RegistrationMagic plugin <= 6.0.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Metagauss User Registration Team RegistrationMagic allows Cross-Site Scripting (XSS).This issue affects RegistrationMagic: from n/a through 6.0.1.0.

πŸ“… Published: Aug. 19, 2024, 7:22 p.m. πŸ”„ Last Modified: Feb. 4, 2025, 3:32 p.m.

9.8

CVSS3.1

CVE-2024-43311 - WordPress Login As Users plugin <= 1.4.2 - Broken Authentication vulnerability

Improper Privilege Management vulnerability in Geek Code Lab Login As Users allows Privilege Escalation.This issue affects Login As Users: from n/a through 1.4.2.

πŸ“… Published: Aug. 19, 2024, 7:20 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2024-7958 -

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

πŸ“… Published: Aug. 19, 2024, 6:40 p.m. πŸ”„ Last Modified: Aug. 19, 2024, 8:15 p.m.

5.3

CVSS4.0

CVE-2024-7925 - ZZCMS eginfo.php information disclosure

A vulnerability was found in ZZCMS 2023. It has been rated as problematic. This issue affects some unknown processing of the file 3/E_bak5.1/upload/eginfo.php. The manipulation of the argument phome with the input ShowPHPInfo leads to information disclosure. The attack may be initiated remotely. Th…

πŸ“… Published: Aug. 19, 2024, 6 p.m. πŸ”„ Last Modified: Sept. 3, 2024, 5:24 p.m.

6.9

CVSS4.0

CVE-2024-7924 - ZZCMS list.php path traversal

A vulnerability was found in ZZCMS 2023. It has been declared as critical. This vulnerability affects unknown code of the file /I/list.php. The manipulation of the argument skin leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be us…

πŸ“… Published: Aug. 19, 2024, 6 p.m. πŸ”„ Last Modified: Aug. 21, 2024, 3:04 p.m.
Total resulsts: 349182
Page 8801 of 34,919
Β« previous page Β» next page
Filters