9.8
CVE-2024-54280 - WordPress WPBookit plugin <= 1.6.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design WPBookit wpbookit allows SQL Injection.This issue affects WPBookit: from n/a through <= 1.6.0.
0.0
CVE-2024-54279 - WordPress WP-NERD Toolkit plugin <= 1.1 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tobias Keller WP-NERD Toolkit wp-nerd-toolkit.This issue affects WP-NERD Toolkit: from n/a through <= 1.1.
7.1
CVE-2024-54257 - WordPress tydskrif theme <= 1.1.3 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Molefed allows Reflected XSS.This issue affects tydskrif: from n/a through 1.1.3.
7.1
CVE-2024-54249 - WordPress Advanced Options Editor plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jules Colle Advanced Options Editor allows Reflected XSS.This issue affects Advanced Options Editor: from n/a through 1.0.
0.0
CVE-2024-43234 - WordPress Woffice theme <= 5.4.14 - Unauthenticated Account Takeover vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in WofficeIO Woffice woffice allows Authentication Bypass.This issue affects Woffice: from n/a through <= 5.4.14.
6.8
CVE-2024-12653 - FabulaTech USB over Network IOCT ftusbbus2.sys 0x22040C null pointer dereference
A vulnerability classified as problematic has been found in FabulaTech USB over Network 6.0.6.1. Affected is the function 0x22040C in the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exโฆ
0.0
CVE-2024-54229 - WordPress SV100 Companion plugin <= 2.0.02 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in straightvisions GmbH SV100 Companion sv100-companion allows Privilege Escalation.This issue affects SV100 Companion: from n/a through <= 2.0.02.
8.7
CVE-2024-12092 - Stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator oโฆ
A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
8.7
CVE-2024-12091 - Stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator fโฆ
A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
8.7
CVE-2024-12090 - Stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator oโฆ
A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.