9.1
CVE-2024-4253 - Command Injection in gradio-app/gradio
A command injection vulnerability exists in the gradio-app/gradio repository, specifically within the 'test-functional.yml' workflow. The vulnerability arises due to improper neutralization of special elements used in a command, allowing for unauthorized modification of the base repository or secreβ¦
9.1
CVE-2024-36104 - Apache OFBiz: Path traversal leading to a RCE
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz.Β This issue affects Apache OFBiz: before 18.12.14. Users are recommended to upgrade to version 18.12.14, which fixes the issue.
5.3
CVE-2023-41134 - WordPress Antispam Bee plugin <= 2.11.3 - Country IP Restriction Bypass vulnerability
Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Antispam Bee: from n/a through 2.11.3.
6.5
CVE-2023-40673 - WordPress Cartpauj Register Captcha plugin <= 1.0.02 - Captcha Bypass vulnerability
: Improper Control of Interaction Frequency vulnerability in cartpauj Cartpauj Register Captcha allows Functionality Misuse.This issue affects Cartpauj Register Captcha: from n/a through 1.0.02.
5.4
CVE-2023-40557 - WordPress Tabs & Accordion plugin <= 1.3.10 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in PickPlugins Tabs & Accordion allows Code Injection.This issue affects Tabs & Accordion: from n/a through 1.3.10.
5.3
CVE-2023-40332 - WordPress WP-PostRatings plugin <= 1.91 - Rating limit Bypass vulnerability
Improper Control of Interaction Frequency vulnerability in Lester βGaMerZβ Chan WP-PostRatings allows Functionality Misuse.This issue affects WP-PostRatings: from n/a through 1.91.
5.4
CVE-2023-39161 - WordPress Discussion Board plugin <= 2.4.8 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WP Discussion Board Discussion Board allows Content Spoofing, Cross-Site Scripting (XSS).This issue affects Discussion Board: from n/a through 2.4.8.
6.5
CVE-2023-38520 - WordPress Pinpoint Booking System plugin <= 2.9.9.3.4 - Parameter Tampering
External Control of Assumed-Immutable Web Parameter vulnerability in PINPOINT.WORLD Pinpoint Booking System allows Functionality Misuse.This issue affects Pinpoint Booking System: from n/a through 2.9.9.3.4.
5.3
CVE-2023-37865 - WordPress IP2Location Country Blocker plugin <= 2.29.1 - IP Bypass Vulnerability vulnerability
Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through 2.29.1.
5.3
CVE-2023-34001 - WordPress Hide My WP Ghost β Security Plugin plugin <= 5.0.25 - Captcha Bypass vulnerability
Improper Restriction of Excessive Authentication Attempts vulnerability in WPPlugins β WordPress Security Plugins Hide My WP Ghost allows Functionality Bypass.This issue affects Hide My WP Ghost: from n/a through 5.0.25.