8.8
CVE-2024-50488 - WordPress Token Login plugin <= 1.0.3 - Broken Authentication vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in yespbs Token Login token-login allows Authentication Bypass.This issue affects Token Login: from n/a through <= 1.0.3.
8.8
CVE-2024-50408 - WordPress Namaste! LMS plugin <= 2.6.3 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Bob Namaste! LMS namaste-lms allows Object Injection.This issue affects Namaste! LMS: from n/a through <= 2.6.3.
5.3
CVE-2024-10446 - Project Worlds Online Time Table Generator admindashboard.php sql injection
A vulnerability classified as critical has been found in Project Worlds Online Time Table Generator 1.0. Affected is an unknown function of the file /timetable/admin/admindashboard.php?info=add_course. The manipulation of the argument c leads to sql injection. It is possible to launch the attack reβ¦
8.8
CVE-2024-50416 - WordPress WPC Shop as a Customer for WooCommerce plugin <= 1.2.6 - PHP Object Injection vulnerabiliβ¦
Deserialization of Untrusted Data vulnerability in WPClever WPC Shop as a Customer for WooCommerce wpc-shop-as-customer allows Object Injection.This issue affects WPC Shop as a Customer for WooCommerce: from n/a through <= 1.2.6.
9.8
CVE-2024-50450 - WordPress MDTF β Meta Data and Taxonomies Filter plugin <= 1.3.3.4 - Bypass Vulnerability vulnerabiβ¦
Improper Control of Generation of Code ('Code Injection') vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows Code Injection.This issue affects MDTF: from n/a through <= 1.3.3.4.
9.8
CVE-2024-50492 - WordPress ScottCart plugin <= 1.1 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson ScottCart scottcart allows Code Injection.This issue affects ScottCart: from n/a through <= 1.1.
9.8
CVE-2024-50498 - WordPress WP Query Console plugin <= 1.0 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code ('Code Injection') vulnerability in Ajit Bohra WP Query Console wp-query-console allows Code Injection.This issue affects WP Query Console: from n/a through <= 1.0.
9.8
CVE-2024-50477 - WordPress Stacks Mobile App Builder plugin <= 5.2.3 - Account Takeover vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass.This issue affects Stacks Mobile App Builder: from n/a through <= 5.2.3.
9.8
CVE-2024-50486 - WordPress Acnoo Flutter API plugin <= 1.0.5 - Account Takeover vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API acnoo-flutter-api allows Authentication Bypass.This issue affects Acnoo Flutter API: from n/a through <= 1.0.5.
9.8
CVE-2024-50487 - WordPress MaanStore API plugin <= 1.0.1 - Account Takeover vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo MaanStore API maanstore-api allows Authentication Bypass.This issue affects MaanStore API: from n/a through <= 1.0.1.