Microsoft Threat Intelligence unveils targets and innovative tactics amidst tax season
Cybercriminals use social engineering during holidays and important events like tax season to steal user information. Our new Microsoft Threat...
Broken Link Checker plugin for WordPress cross-site scripting | CVE-2024-25592
NAME__________Broken Link Checker plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WordPress WordPress Broken Link Checker plugin for WordPress 2.2.3Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting...
Contests by Rewards Fuel Plugin for WordPress cross-site scripting | CVE-2024-1787
NAME__________Contests by Rewards Fuel Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Contests by Rewards Fuel Plugin for WordPress 2.0.64Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting...
Contests by Rewards Fuel Plugin for WordPress cross-site request forgery | CVE-2024-1785
NAME__________Contests by Rewards Fuel Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Contests by Rewards Fuel Plugin for WordPress 2.0.64Risk Level:5.4Exploitability:HighConsequences:Gain...
Dell PowerEdge buffer overflow | CVE-2024-22453
NAME__________Dell PowerEdge buffer overflowPlatforms Affected:Dell PowerEdge R730 Dell PowerEdge R730xd Dell PowerEdge R630 Dell PowerEdge R930 Dell PowerEdge M630 Dell...
Dell PowerEdge security bypass | CVE-2024-25942
NAME__________Dell PowerEdge security bypassPlatforms Affected:Dell PowerEdge R730 Dell PowerEdge R730xd Dell PowerEdge R630 Dell PowerEdge R930 Dell PowerEdge M630 Dell...
Alma cross-site scripting | CVE-2024-1146
NAME__________Alma cross-site scriptingPlatforms Affected:Alma Alma 2.1.9Risk Level:5.8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Alma is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
ReviewShort plugin for WordPress cross-site request forgery | CVE-2024-29093
NAME__________ReviewShort plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress ReviewShort plugin for WordPress 1.01.3 WordPress ReviewShort plugin for WordPress 1.01.2Risk Level:4.3Exploitability:UnprovenConsequences:Gain...
Broadcom, Microsoft and MikroTik products denial of service | CVE-2024-2169
NAME__________Broadcom, Microsoft and MikroTik products denial of servicePlatforms Affected:Broadcom DSL/PON/Wifi routers Microsoft Windows Deployment Services (WDS) MikroTik TFTP serviceRisk Level:7.5Exploitability:UnprovenConsequences:Denial...
VMware Tanzu Spring Authorization Server security bypass | CVE-2024-22258
NAME__________VMware Tanzu Spring Authorization Server security bypassPlatforms Affected:VMware Tanzu Spring Authorization Server 1.0.5 VMware Tanzu Spring Authorization Server 1.1.5 VMware...
GamiPress Plugin for WordPress cross-site scripting | CVE-2024-2460
NAME__________GamiPress Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Contests by Rewards Fuel Plugin for WordPress 2.0.64Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________GamiPress Plugin for...
IBM Security Verify Governance information disclosure | CVE-2023-35888
NAME__________IBM Security Verify Governance information disclosurePlatforms Affected:IBM Security Verify Governance 10.0.2Risk Level:5.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM Security Verify Governance 10.0.2 could allow...
Elspec G5 digital fault recorder information disclosure | CVE-2024-22085
NAME__________Elspec G5 digital fault recorder information disclosurePlatforms Affected:Elspec G5 digital fault recorder 1.1.4.15Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Elspec G5 digital fault recorder...
Advanced Form Integration Plugin for WordPress cross-site scripting | CVE-2024-2387
NAME__________Advanced Form Integration Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Advanced Form Integration Connect WooCommerce and Contact Form 7 to...
Alma security bypass | CVE-2024-1144
NAME__________Alma security bypassPlatforms Affected:Alma Alma 2.1.10 Alma Alma 2.1.9Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Alma could allow a remote attacker to bypass security...
Smart Custom Fields Plugin for WordPress security bypass | CVE-2024-1995
NAME__________Smart Custom Fields Plugin for WordPress security bypassPlatforms Affected:WordPrss Smart Custom Fields Plugin for WordPress 4.2.2Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Smart Custom...
Elspec G5 digital fault recorder directory traversal | CVE-2024-22079
NAME__________Elspec G5 digital fault recorder directory traversalPlatforms Affected:Elspec G5 digital fault recorder 1.1.4.15Risk Level:7.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Elspec G5 digital fault recorder...
Elspec G5 digital fault recorder weak security | CVE-2024-22077
NAME__________Elspec G5 digital fault recorder weak securityPlatforms Affected:Elspec G5 digital fault recorder 1.1.4.15Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Elspec G5 digital fault recorder...
Alma information disclosure | CVE-2024-1145
NAME__________Alma information disclosurePlatforms Affected:Alma Alma 2.1.10 Alma Alma 2.1.9Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Alma could allow a remote attacker to obtain sensitive...
Artica Pandora FMS command execution | CVE-2023-44092
NAME__________Artica Pandora FMS command executionPlatforms Affected:Artica Pandora FMS 774 Artica Pandora FMS 700Risk Level:7.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Artica Pandora FMS could allow...
WooCommerce POS Plugin for WordPress information disclosure | CVE-2024-2384
NAME__________WooCommerce POS Plugin for WordPress information disclosurePlatforms Affected: WordPress WooCommerce POS Plugin for WordPressRisk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________WooCommerce POS Plugin for...
Elspec G5 digital fault recorder information disclosure | CVE-2024-22084
NAME__________Elspec G5 digital fault recorder information disclosurePlatforms Affected:Elspec G5 digital fault recorder 1.1.4.15Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Elspec G5 digital fault recorder...
Sourcecodester Online Discussion Forum Site file upload | CVE-2024-2690
NAME__________Sourcecodester Online Discussion Forum Site file uploadPlatforms Affected:SourceCodester Online Discussion Forum Site 1.0Risk Level:6.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Sourcecodester Online Discussion Forum Site...
Save as PDF Plugin for WordPress security bypass | CVE-2023-52229
NAME__________Save as PDF Plugin for WordPress security bypassPlatforms Affected:WordPress Word Replacer Pro Plugin for WordPress 1.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Save as...
