6.7
CVE-2021-1462 - Cisco SD-WAN vManage Software Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to elevate privileges on an affected system. To exploit this vulnerability, an attacker would need to have a valid Administrator account on an affected system. The vulnerability is due to β¦
6.5
CVE-2024-52425 - WordPress Drozd β Addons for Elementor plugin <= 1.1.1 - Stored Cross Site Scripting (XSS) vulnerabβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vladislav Urchenko Drozd β Addons for Elementor drozd-addons-for-elementor allows Stored XSS.This issue affects Drozd β Addons for Elementor: from n/a through <= 1.1.1.
6.5
CVE-2024-52426 - WordPress Linear plugin <= 2.8.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Linear Oy Linear linear allows DOM-Based XSS.This issue affects Linear: from n/a through <= 2.8.0.
4.3
CVE-2021-1465 -
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a directory traversal attack and obtain read access to sensitive files on an affected system. The vulnerability is due to insufficient validation of HTTPβ¦
6.5
CVE-2024-37155 - OpenCTI May Bypass Introspection Restriction
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. Prior to version 6.1.9, the regex validation used to prevent Introspection queries can be bypassed by removing the extra whitespace, carriage return, and line feed characteβ¦
9.3
CVE-2024-52431 - WordPress WP Video Robot plugin <= 1.20.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pressaholic WordPress Video Robot - The Ultimate Video Importer allows SQL Injection.This issue affects WordPress Video Robot - The Ultimate Video Importer: from n/a through 1.20.0.
7.6
CVE-2024-52435 - WordPress Premium Packages β Sell Digital Products Securely plugin <= 6.0.5 - SQL Injection vulneraβ¦
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjada WPDM β Premium Packages wpdm-premium-packages.This issue affects WPDM β Premium Packages: from n/a through <= 6.0.5.
7.6
CVE-2024-52436 - WordPress Post SMTP plugin <= 2.9.9 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal Post SMTP post-smtp allows Blind SQL Injection.This issue affects Post SMTP: from n/a through <= 2.9.9.
8.1
CVE-2024-52428 - WordPress Ads Booster by Ads Pro plugin <= 1.12 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Peter Ads Booster by Ads Pro free-wp-booster-by-ads-pro allows PHP Local File Inclusion.This issue affects Ads Booster by Ads Pro: from n/a through <= 1.12.
9.8
CVE-2024-52430 - WordPress Lis Video Gallery plugin <= 0.2.1 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in bublick Lis Video Gallery lis-video-gallery allows Object Injection.This issue affects Lis Video Gallery: from n/a through <= 0.2.1.