RedPacket Security - InfoSec News & Tutorials

Easy Appointments addons Plugin for WordPress cross-site scripting | CVE-2024-2842

April 2, 2024

NAME__________Easy Appointments addons Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Easy Appointments Plugin for WordPress 3.11.18Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Easy Appointments Plugin...

Saleor information disclosure | CVE-2024-29888

April 2, 2024

NAME__________Saleor information disclosurePlatforms Affected:saleor saleorRisk Level:4.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Saleor could allow a remote attacker to obtain sensitive information, caused by a...

Elementor Addon Elements Plugin for WordPress cross-site scripting | CVE-2024-2091

April 2, 2024

NAME__________Elementor Addon Elements Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Elementor Addon Elements Plugin for WordPress 1.13.1Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Elementor Addon...

Ultimate Addons for Beaver Builder Plugin for WordPress cross-site scripting | CVE-2024-2141

April 2, 2024

NAME__________ Ultimate Addons for Beaver Builder Plugin for WordPress cross-site scriptingPlatforms Affected: WordPress Ultimate Addons for Beaver Builder Plugin for...

Ultimate Addons for Beaver Builder Plugin for WordPress cross-site scripting | CVE-2024-2143

April 2, 2024

NAME__________ Ultimate Addons for Beaver Builder Plugin for WordPress cross-site scriptingPlatforms Affected: WordPress Ultimate Addons for Beaver Builder Plugin for...

helm information disclosure | CVE-2019-25210

April 2, 2024

NAME__________helm information disclosurePlatforms Affected:Helm Helm 3.0.0 Helm Helm 3.14.2Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________helm could allow a remote attacker to obtain sensitive...

The Page Builder by SiteOrigin Plugin for WordPress cross-site scripting | CVE-2024-2202

April 2, 2024

NAME__________The Page Builder by SiteOrigin Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress The Page Builder by SiteOrigin plugin for WordPress 2.29.6Risk...

NodeBB security bypass |

April 2, 2024

NAME__________NodeBB security bypassPlatforms Affected:NodeBB NodeBB 3.6.7Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________NodeBB could allow a remote authenticated attacker to bypass security restrictions, caused...

Cockpit command execution | CVE-2024-2947

April 2, 2024

NAME__________Cockpit command executionPlatforms Affected:Cockpit Cockpit 270Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Cockpit could allow a local authenticated attacker to execute arbitrary commands on...

Elementor Website Builder Pro Plugin for WordPress cross-site scripting | CVE-2024-1521

April 2, 2024

NAME__________Elementor Website Builder Pro Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Elementor Website Builder Pro Plugin for WordPress 3.20.1Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting...

Ultimate Addons for Beaver Builder Plugin for WordPress cross-site scripting | CVE-2024-2140

April 2, 2024

NAME__________ Ultimate Addons for Beaver Builder Plugin for WordPress cross-site scriptingPlatforms Affected: WordPress Ultimate Addons for Beaver Builder Plugin for...

Fancy Comments Plugin for WordPress cross-site scripting | CVE-2024-29804

April 2, 2024

NAME__________Fancy Comments Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Fancy Comments Plugin for WordPress 1.2.14Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Fancy Comments Plugin for...

Ultimate Addons for Beaver Builder Plugin for WordPress cross-site scripting | CVE-2024-2142

April 2, 2024

NAME__________ Ultimate Addons for Beaver Builder Plugin for WordPress cross-site scriptingPlatforms Affected: WordPress Ultimate Addons for Beaver Builder Plugin for...

Dell vApp Manager command execution | CVE-2024-25946

April 2, 2024

NAME__________Dell vApp Manager command executionPlatforms Affected:Dell vApp Manager 9.2.4.8 Dell vApp Manager 9.2.4.7Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Dell vApp Manager could allow...

Dell vApp Manager command execution | CVE-2024-25955

April 2, 2024

Siklu MultiHaul TG series information disclosure |

April 2, 2024

NAME__________Siklu MultiHaul TG series information disclosurePlatforms Affected:Siklu MultiHaul TG series 2.0.0Risk Level:5.3Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________Siklu MultiHaul TG series could...

Multiple NETGEAR Modems and WiFi Systems weak security |

April 2, 2024

NAME__________Multiple NETGEAR Modems and WiFi Systems weak securityPlatforms Affected:NETGEAR RBS850 NETGEAR RBK852 NETGEAR RBR850 NETGEAR CBR750 NETGEAR C6300v2Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access...

Asterisk AMI information disclosure | CVE-2023-49294

April 2, 2024

NAME__________Asterisk AMI information disclosurePlatforms Affected:Asterisk AMI 18.20.0Risk Level:5.3Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________Asterisk AMI could allow a remote attacker to obtain...

MikroTik RouterOS denial of service | CVE-2024-27686

April 2, 2024

NAME__________MikroTik RouterOS denial of servicePlatforms Affected:MikroTik RouterOS 6.48.1 MikroTik RouterOS 6.40.5 MikroTik RouterOS 6.49.10 MikroTik RouterOS 6.44Risk Level:5.3Exploitability:Proof of ConceptConsequences:Denial...

Dell PowerProtect Data Manager XML external entity injection | CVE-2024-25971

April 2, 2024

NAME__________Dell PowerProtect Data Manager XML external entity injectionPlatforms Affected:Dell PowerProtect Data Manager 19.10 Dell PowerProtect Data Manager 19.11 Dell PowerProtect...

Purei CMS events-ajax.php SQL injection |

April 2, 2024

NAME__________Purei CMS events-ajax.php SQL injectionPlatforms Affected:Purei CMS Purei CMS 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Purei CMS is vulnerable to SQL injection. A...

PowerPack Addons for Elementor Plugin for WordPress cross-site scripting | CVE-2024-2791

April 2, 2024

NAME__________PowerPack Addons for Elementor Plugin for WordPress cross-site scriptingPlatforms Affected: WordPress PowerPack Addons for Elementor Plugin for WordPress 2.7.17Risk Level:6.4Exploitability:HighConsequences:Cross-Site...

zephyr denial of service | CVE-2024-3077

April 2, 2024

NAME__________zephyr denial of servicePlatforms Affected:Zephyr Zephyr 3.6Risk Level:6.8Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________zephyr is vulnerable to a denial of service, caused by...

Unlimited Elements For Elementor Plugin for WordPress cross-site scripting | CVE-2024-0367

April 2, 2024

NAME__________ Unlimited Elements For Elementor Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Unlimited Elements For Elementor Plugin for WordPress 1.5.96Risk Level:6.4Exploitability:HighConsequences:Cross-Site...

Main Story

Fortifying the Supply Chain through Practical Security for Modern Organizations

Security Awareness Training that Works for Changing Employee Behavior

Editor’s Picks

Trending Story

Featured Story

You may have missed