5.3
CVE-2023-46310 - WordPress wpDiscuz plugin <= 7.6.10 - Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in gVectors Team wpDiscuz allows Code Injection.This issue affects wpDiscuz: from n/a through 7.6.10.
5.4
CVE-2023-45635 - WordPress Responsive Tabs plugin < 4.0.6 - HTML Content Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WP Darko Responsive Tabs allows Code Injection.This issue affects Responsive Tabs: from n/a before 4.0.6.
4.3
CVE-2023-45053 - WordPress WP Content Pilot plugin <= 1.3.3 - HTML Injection vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in pluginever WP Content Pilot โ Autoblogging & Affiliate Marketing Plugin allows Code Injection.This issue affects WP Content Pilot โ Autoblogging & Affiliate Marketing Plugin: from n/a through 1.3.3.
5.3
CVE-2023-45009 - WordPress Captcha for Contact Form 7 plugin <= 1.11.3 - Capcha Bypass vulnerability
Improper Restriction of Excessive Authentication Attempts vulnerability in Forge12 Interactive GmbH Captcha/Honeypot for Contact Form 7 allows Functionality Bypass.This issue affects Captcha/Honeypot for Contact Form 7: from n/a through 1.11.3.
7.8
CVE-2023-5751 - CODESYS: Development system prone to DoS through exposure of resource to wrong sphere
A local attacker with low privileges can read and modify any users files and cause a DoS in the working directory of the affected products due to exposure of resource to wrong sphere.ย
7.5
CVE-2024-5000 - CODESYS: Incorrect calculation of buffer size can cause DoS on CODESYS OPC UA products
An unauthenticated remote attacker can use aย malicious OPC UA client to send a crafted request to affected CODESYS products which can cause a DoS due to incorrect calculation of buffer size.
6.4
CVE-2024-4581 - Slider Revolution <= 6.7.11 - Authenticated (Author+) Stored Cross-Site Scripting via Add Layer claโฆ
The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Add Layer widget in all versions up to, and including, 6.7.11 due to insufficient input sanitization and output escaping on the user supplied 'class', 'id', and 'title' attributes. This makes itโฆ
7.1
CVE-2024-5422 - Denial of Service
An uncontrolled resource consumption of file descriptors in SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 allows DoS via HTTP.This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below.
8.7
CVE-2024-5421 - Authenticated Command Injection
Missing input validation and OS command integration of the input in the utnserver Pro, utnserver ProMAX, INU-100 web-interface allows authenticated command injection.This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below.
8.3
CVE-2024-5420 - Stored Cross-Site Scripting in SEH Computertechnik utnserver Pro
Missing input validation in theย SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 web-interfaceย allows stored Cross-Site Scripting (XSS)..This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below.