6.4
CVE-2024-32865 - exacqVison - TLS certificate validation
Under certain circumstances the exacqVision Server will not properly validate TLS certificates provided by connected devices.
6.4
CVE-2024-32864 - exacqVison - HTTPS Session Establishment
Under certain circumstances exacqVision Web Services will not enforce secure web communications (HTTPS)
9.4
CVE-2024-7093 - Server-Side Template Injection in Dispatch Message Templates
Dispatch's notification service uses Jinja templates to generate messages to users. Jinja permits code execution within blocks, which were neither properly sanitized nor sandboxed. This vulnerability enables users to construct command line scripts in their custom message templates, which are then eβ¦
8
CVE-2023-52209 - WordPress WPForms User Registration plugin <= 2.1.0 - Authenticated Privilege Escalation vulnerabilβ¦
Improper Privilege Management vulnerability in WPForms, LLC. WPForms User Registration allows Privilege Escalation.This issue affects WPForms User Registration: from n/a through 2.1.0.
7.1
CVE-2024-38746 - WordPress MakeStories (for Google Web Stories) plugin <= 3.0.3 - Arbitrary File Download and SSRF vβ¦
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MakeStories Team MakeStories (for Google Web Stories) allows Path Traversal, Server Side Request Forgery.This issue affects MakeStories (for Google Web Stories): from n/a through 3.0.3.
6.9
CVE-2024-7367 - SourceCodester Simple Realtime Quiz System ajax.php cross-site request forgery
A vulnerability, which was classified as problematic, was found in SourceCodester Simple Realtime Quiz System 1.0. This affects an unknown part of the file /ajax.php?action=save_user. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit hβ¦
6.8
CVE-2024-32863 - exacqVison - CSRF issues with Web Service
Under certain circumstances the exacqVision Web Services may be susceptible to Cross-Site Request Forgery (CSRF)
4.3
CVE-2024-38768 - WordPress The Pack Elementor addons plugin <= 2.0.8.6 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Webangon The Pack Elementor addons allows PHP Local File Inclusion, Path Traversal.This issue affects The Pack Elementor addons: from n/a through 2.0.8.6.
9.8
CVE-2024-38770 - WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.20 - Authentication Bypass and Priviβ¦
Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule allows Privilege Escalation, Authentication Bypass.This issue affects Backup and Staging by WP Time Capsule: from n/a through 1.22.20.
6.5
CVE-2024-38772 - WordPress JetWidgets for Elementor and WooCommerce plugin <= 1.1.7 - Contributor+ Limited Local Filβ¦
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Crocoblock JetWidgets for Elementor and WooCommerce allows PHP Local File Inclusion.This issue affects JetWidgets for Elementor and WooCommerce: from n/a through 1.1.7.