9.1

CVSS3.1

CVE-2024-34416 - WordPress Pk Favicon Manager plugin <= 2.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Pk Favicon Manager.This issue affects Pk Favicon Manager: from n/a through 2.1.

πŸ“… Published: May 13, 2024, 8:53 a.m. πŸ”„ Last Modified: April 28, 2026, 7:25 p.m.

9.1

CVSS3.1

CVE-2024-34440 - WordPress AI Engine plugin <= 2.2.63 - Auth. Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.2.63.

πŸ“… Published: May 13, 2024, 8:45 a.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

9.1

CVSS3.1

CVE-2024-34555 - WordPress Z-Downloads plugin <= 1.11.3 - Auth. Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in URBAN BASE Z-Downloads.This issue affects Z-Downloads: from n/a through 1.11.3.

πŸ“… Published: May 13, 2024, 8:41 a.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

4.4

CVSS3.1

CVE-2024-35172 - WordPress ShortPixel Adaptive Images plugin <= 3.8.3 - Server Side Request Forgery (SSRF) vulnerabi…

Server-Side Request Forgery (SSRF) vulnerability in ShortPixel ShortPixel Adaptive Images shortpixel-adaptive-images.This issue affects ShortPixel Adaptive Images: from n/a through <= 3.8.3.

πŸ“… Published: May 13, 2024, 8:38 a.m. πŸ”„ Last Modified: April 23, 2026, 3:18 p.m.

5.9

CVSS3.1

CVE-2024-34811 - WordPress WP SMS plugin <= 6.5.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP SMS allows Stored XSS.This issue affects WP SMS: from n/a through 6.5.1.

πŸ“… Published: May 13, 2024, 8:36 a.m. πŸ”„ Last Modified: April 28, 2026, 4:09 p.m.

5.4

CVSS3.1

CVE-2024-3462 - Authorization bypass in Ant Media Server

Ant Media Server Community Edition in a default configuration is vulnerable to an improperΒ HTTP header based authorization, leading to a possible use of non-administrative API calls reserved only for authorized users.Β  All versions up to 2.9.0 (tested) and possibly newer ones are believed to be vul…

πŸ“… Published: May 13, 2024, 8:19 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.1

CVSS3.1

CVE-2024-34749 -

Phormer prior to version 3.35 contains a cross-site scripting vulnerability. If this vulnerability is exploited, a remote unauthenticated attacker may execute an arbitrary script on the web browser of the user.

πŸ“… Published: May 13, 2024, 8:17 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

10

CVSS3.1

CVE-2024-32700 - WordPress Kognetiks Chatbot for WordPress plugin <= 2.0.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Kognetiks Kognetiks Chatbot for WordPress.This issue affects Kognetiks Chatbot for WordPress: from n/a through 2.0.0.

πŸ“… Published: May 13, 2024, 7:06 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.3

CVSS3.1

CVE-2023-5052 - Cross Site Scripting (XSS) in Servidor Uniforme Zero

vulnerability in Uniform Server Zero, version 10.2.5, consisting of an XSS through the /us_extra/phpinfo.php page. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and partially take over their session details.

πŸ“… Published: May 13, 2024, 6:53 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.4

CVSS3.1

CVE-2024-3239 - PostX < 4.0.2 - Contributor+ Stored XSS

The Post Grid Gutenberg Blocks and WordPress Blog Plugin WordPress plugin before 4.0.2 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Sit…

πŸ“… Published: May 13, 2024, 6 a.m. πŸ”„ Last Modified: May 14, 2025, 5:14 p.m.
Total resulsts: 349182
Page 9897 of 34,919
Β« previous page Β» next page
Filters