Vulnerability Summary for the Week of June 3, 2024 | CISA


10up–ElasticPress
  Cross-Site Request Forgery (CSRF) vulnerability in 10up ElasticPress. This issue affects ElasticPress: from n/a through 5.1.0.
  Published: 2024-06-08 | CVSS: 4.3 | CVE-2024-35684
  Source: audit@patchstack.com

10up–Restricted Site Access
  Authentication Bypass by Spoofing vulnerability in 10up Restricted Site Access allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Restricted Site Access: from n/a through 7.4.1.
  Published: 2024-06-04 | CVSS: 5.3 | CVE-2023-48753
  Source: audit@patchstack.com

10Web Form Builder Team–Form Maker by 10Web
  Improper Restriction of Excessive Authentication Attempts vulnerability in 10Web Form Builder Team Form Maker by 10Web allows Functionality Bypass. This issue affects Form Maker by 10Web: from n/a through 1.15.20.
  Published: 2024-06-04 | CVSS: 5.3 | CVE-2023-48290
  Source: audit@patchstack.com

10web–Photo Gallery by 10Web Mobile-Friendly Image Gallery
  The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘svg’ parameter in all versions up to, and including, 1.8.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default, this can only be exploited by administrators, but the ability to use and configure Photo Gallery can be extended to contributors on pro versions of the plugin.
  Published: 2024-06-07 | CVSS: 6.4 | CVE-2024-5426
  Source: security@wordfence.com

10web–Photo Gallery by 10Web Mobile-Friendly Image Gallery
  The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.8.23 via the esc_dir function. This makes it possible for authenticated attackers to cut and paste (copy) the contents of arbitrary files on the server, which can contain sensitive information, and to cut (delete) arbitrary directories, including the root WordPress directory. By default this can be exploited by administrators only. In the premium version of the plugin, administrators can give gallery edit permissions to lower level users, which might make this exploitable by users as low as contributors.
  Published: 2024-06-07 | CVSS: 6.8 | CVE-2024-5481
  Source: security@wordfence.com

A WP Life–Contact Form Widget
  Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Contact Form Widget. This issue affects Contact Form Widget: from n/a through 1.3.9.
  Published: 2024-06-03 | CVSS: 5.3 | CVE-2024-34754
  Source: audit@patchstack.com

AccessAlly–PopupAlly
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in AccessAlly PopupAlly allows Stored XSS. This issue affects PopupAlly: from n/a through 2.1.1.
  Published: 2024-06-03 | CVSS: 5.9 | CVE-2024-34796
  Source: audit@patchstack.com

adamskaat–Countdown, Coming Soon, Maintenance Countdown & Clock
  The Countdown, Coming Soon, Maintenance – Countdown & Clock plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the conditionsRow and switchCountdown functions in all versions up to, and including, 2.7.8. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject PHP Objects and modify the status of countdowns.
  Published: 2024-06-06 | CVSS: 5.4 | CVE-2024-2017
  Source: security@wordfence.com

Analytify–Analytify
  Cross-Site Request Forgery (CSRF) vulnerability in Analytify. This issue affects Analytify: from n/a through 5.2.3.
  Published: 2024-06-08 | CVSS: 5.4 | CVE-2024-35689
  Source: audit@patchstack.com

apollo13themes–Rife Free
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in apollo13themes Rife Free allows Stored XSS. This issue affects Rife Free: from n/a through 2.4.19.
  Published: 2024-06-08 | CVSS: 6.5 | CVE-2024-35708
  Source: audit@patchstack.com

argoproj–argo-cd
  Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The vulnerability allows unauthorized access to the sensitive settings exposed by the /api/v1/settings endpoint without authentication. All sensitive settings are hidden except passwordPattern. This vulnerability is fixed in 2.11.3, 2.10.12, and 2.9.17.
  Published: 2024-06-06 | CVSS: 5.3 | CVE-2024-37152
  Source: security-advisories@github.com

argoproj–argo-cd
  Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. It’s possible for authenticated users to enumerate clusters by name by inspecting error messages. It’s also possible to enumerate the names of projects with project-scoped clusters if you know the names of the clusters. This vulnerability is fixed in 2.11.3, 2.10.12, and 2.9.17.
  Published: 2024-06-06 | CVSS: 4.3 | CVE-2024-36106
  Source: security-advisories@github.com

ARI Soft–ARI Stream Quiz
  Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in ARI Soft ARI Stream Quiz allows Code Injection. This issue affects ARI Stream Quiz: from n/a through 1.3.2.
  Published: 2024-06-04 | CVSS: 5.4 | CVE-2023-47513
  Source: audit@patchstack.com

artbees–SellKit Funnel builder and checkout optimizer for WooCommerce to sell more, faster
  The SellKit – Funnel builder and checkout optimizer for WooCommerce to sell more, faster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.9.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-06 | CVSS: 6.4 | CVE-2024-4608
  Source: security@wordfence.com

Automattic–ChaosTheory
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Automattic ChaosTheory allows Stored XSS. This issue affects ChaosTheory: from n/a through 1.3.
  Published: 2024-06-03 | CVSS: 6.5 | CVE-2024-34766
  Source: audit@patchstack.com

awordpresslife–Formula
  The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in the ‘quality_customizer_notify_dismiss_action’ AJAX action in all versions up to, and including, 0.5.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
  Published: 2024-06-08 | CVSS: 6.1 | CVE-2024-5613
  Source: security@wordfence.com

awordpresslife–Formula
  The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in the ‘ti_customizer_notify_dismiss_recommended_plugins’ AJAX action in all versions up to, and including, 0.5.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
  Published: 2024-06-08 | CVSS: 6.1 | CVE-2024-5638
  Source: security@wordfence.com

bdthemes–Prime Slider Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider)
  The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ attribute within the Pacific widget in all versions up to, and including, 3.14.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-07 | CVSS: 6.4 | CVE-2024-5640
  Source: security@wordfence.com

Benoit Mercusot–Simple Popup Manager
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Benoit Mercusot Simple Popup Manager allows Stored XSS. This issue affects Simple Popup Manager: from n/a through 1.3.5.
  Published: 2024-06-03 | CVSS: 5.9 | CVE-2024-34797
  Source: audit@patchstack.com

BetterAddons–Better Elementor Addons
  Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in BetterAddons Better Elementor Addons allows PHP Local File Inclusion. This issue affects Better Elementor Addons: from n/a through 1.4.1.
  Published: 2024-06-04 | CVSS: 6.5 | CVE-2024-33541
  Source: audit@patchstack.com

BeyondTrust–BeyondInsight
  Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors within BeyondInsight, resulting in a server-side request forgery vulnerability.
  Published: 2024-06-04 | CVSS: 4.8 | CVE-2024-4219
  Source: 13061848-ea10-403d-bd75-c83a022c2891

BeyondTrust–BeyondInsight
  Prior to 23.1, an information disclosure vulnerability exists within BeyondInsight which can allow an attacker to enumerate usernames.
  Published: 2024-06-04 | CVSS: 4.3 | CVE-2024-4220
  Source: 13061848-ea10-403d-bd75-c83a022c2891

biplob018–Image Hover Effects for Elementor with Lightbox and Flipbox
  The Image Hover Effects for Elementor with Lightbox and Flipbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_id’, ‘oxi_addons_f_title_tag’, and ‘content_description_tag’ parameters in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-06 | CVSS: 6.4 | CVE-2024-5001
  Source: security@wordfence.com

Born05–CraftCMS Plugin – Two-Factor Authentication
  The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP tokens multiple times within the validity period.
  Published: 2024-06-06 | CVSS: 4.8 | CVE-2024-5658
  Source: 1e3a9e0f-5156-4bf8-b8a3-cc311bfc0f4a

Brainstorm Force–Spectra
  Improper Restriction of Excessive Authentication Attempts vulnerability in Brainstorm Force Spectra allows Functionality Bypass. This issue affects Spectra: from n/a through 2.3.0.
  Published: 2024-06-03 | CVSS: 5.3 | CVE-2023-23730
  Source: audit@patchstack.com

Brainstorm Force–Spectra
  Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Brainstorm Force Spectra allows Code Injection. This issue affects Spectra: from n/a through 2.3.0.
  Published: 2024-06-03 | CVSS: 5.3 | CVE-2023-23735
  Source: audit@patchstack.com

Brainstorm Force–Spectra
  Improper Neutralization of Special Elements in Output Used by a Downstream Component (‘Injection’) vulnerability in Brainstorm Force Spectra allows Content Spoofing, Phishing. This issue affects Spectra: from n/a through 2.3.0.
  Published: 2024-06-03 | CVSS: 5.3 | CVE-2023-23738
  Source: audit@patchstack.com

brainstormforce–Cards for Beaver Builder
  The Cards for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s Cards widget in all versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-08 | CVSS: 6.4 | CVE-2024-5663
  Source: security@wordfence.com

brainstormforce–SureTriggers Connect All Your Plugins, Apps, Tools & Automate Everything!
  The SureTriggers – Connect All Your Plugins, Apps, Tools & Automate Everything! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s Trigger Link shortcode in all versions up to, and including, 1.0.47 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-04 | CVSS: 6.4 | CVE-2024-5485
  Source: security@wordfence.com

brizy–brizy-page_builder
  The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form name values in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-05 | CVSS: 6.1 | CVE-2024-2087
  Source: security@wordfence.com

brizy–brizy-page_builder
  The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s Custom Attributes for blocks in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-05 | CVSS: 5.4 | CVE-2024-1161
  Source: security@wordfence.com

brizy–brizy-page_builder
  The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post content in all versions up to, and including, 2.4.41 due to insufficient input sanitization performed only on the client side and insufficient output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-05 | CVSS: 5.4 | CVE-2024-1940
  Source: security@wordfence.com

brizy–brizy-page_builder
  The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘Link To’ field of multiple widgets in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-05 | CVSS: 5.4 | CVE-2024-3667
  Source: security@wordfence.com

Bryan Hadaway–Site Favicon
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Bryan Hadaway Site Favicon allows Stored XSS. This issue affects Site Favicon: from n/a through 0.2.
  Published: 2024-06-03 | CVSS: 5.9 | CVE-2024-35642
  Source: audit@patchstack.com

Canonical Ltd.–Netplan
  netplan leaks the private key of wireguard to local users. A security fix will be released soon.
  Published: 2024-06-07 | CVSS: 6.5 | CVE-2022-4968
  Source: security@ubuntu.com

cartpauj–Cartpauj Register Captcha
  Improper Control of Interaction Frequency vulnerability in cartpauj Cartpauj Register Captcha allows Functionality Misuse. This issue affects Cartpauj Register Captcha: from n/a through 1.0.02.
  Published: 2024-06-04 | CVSS: 6.5 | CVE-2023-40673
  Source: audit@patchstack.com

CeiKay–Tooltip CK
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in CeiKay Tooltip CK tooltip-ck allows Stored XSS. This issue affects Tooltip CK: from n/a through 2.2.15.
  Published: 2024-06-08 | CVSS: 5.9 | CVE-2024-35756
  Source: audit@patchstack.com

Ciprian Popescu–Block for Font Awesome
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Ciprian Popescu Block for Font Awesome allows Stored XSS. This issue affects Block for Font Awesome: from n/a through 1.4.4.
  Published: 2024-06-08 | CVSS: 6.5 | CVE-2024-35705
  Source: audit@patchstack.com

Cisco–Cisco Unified Contact Center Enterprise
  A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected device. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device.
  Published: 2024-06-05 | CVSS: 4.8 | CVE-2024-20405
  Source: ykramarz@cisco.com

claudiosanches–Claudio Sanches Checkout Cielo for WooCommerce
  The Claudio Sanches – Checkout Cielo for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to insufficient payment validation in the update_order_status() function in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to update the status of orders to paid, bypassing payment.
  Published: 2024-06-04 | CVSS: 5.3 | CVE-2024-1718
  Source: security@wordfence.com

Codection–Import and export users and customers
  Missing Authorization vulnerability in Codection Import and export users and customers. This issue affects Import and export users and customers: from n/a through 1.24.6.
  Published: 2024-06-08 | CVSS: 5.3 | CVE-2024-22151
  Source: audit@patchstack.com

codeless–cowidgets_-_elementor
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Codeless Cowidgets – Elementor Addons allows Stored XSS. This issue affects Cowidgets – Elementor Addons: from n/a through 1.1.1.
  Published: 2024-06-04 | CVSS: 5.4 | CVE-2024-35782
  Source: audit@patchstack.com

codelessthemes–Cowidgets Elementor Addons
  The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘heading_tag’ parameter in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-04 | CVSS: 6.4 | CVE-2024-4697
  Source: security@wordfence.com

codename065–Download Manager
  The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘wpdm_modal_login_form’ shortcode in all versions up to, and including, 3.2.93 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-05 | CVSS: 6.4 | CVE-2024-4001
  Source: security@wordfence.com

CodePeople, paypaldev–CP Contact Form with Paypal
  Missing Authorization vulnerability in CodePeople, paypaldev CP Contact Form with Paypal allows Functionality Misuse. This issue affects CP Contact Form with Paypal: from n/a through 1.3.34.
  Published: 2024-06-03 | CVSS: 4.3 | CVE-2023-27460
  Source: audit@patchstack.com

CodePeople–Calculated Fields Form
  Missing Authorization vulnerability in CodePeople Calculated Fields Form allows Functionality Misuse. This issue affects Calculated Fields Form: from n/a through 1.1.120.
  Published: 2024-06-03 | CVSS: 4.3 | CVE-2023-26523
  Source: audit@patchstack.com

CodePeople–Contact Form Email
  Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Contact Form Email allows Functionality Bypass. This issue affects Contact Form Email: from n/a through 1.3.41.
  Published: 2024-06-04 | CVSS: 5.3 | CVE-2023-48318
  Source: audit@patchstack.com

CodePeople–Contact Form Email
  Missing Authorization vulnerability in CodePeople Contact Form Email allows Functionality Misuse. This issue affects Contact Form Email: from n/a through 1.3.31.
  Published: 2024-06-04 | CVSS: 4.3 | CVE-2023-28494
  Source: audit@patchstack.com

CodePeople–CP Multi View Event Calendar
  Missing Authorization vulnerability in CodePeople CP Multi View Event Calendar allows Functionality Misuse. This issue affects CP Multi View Event Calendar: from n/a through 1.4.10.
  Published: 2024-06-03 | CVSS: 4.3 | CVE-2023-28492
  Source: audit@patchstack.com

CodePeople–Search in Place
  Missing Authorization vulnerability in CodePeople Search in Place allows Functionality Misuse. This issue affects Search in Place: from n/a through 1.0.104.
  Published: 2024-06-03 | CVSS: 4.3 | CVE-2023-26521
  Source: audit@patchstack.com

Creative Motion, Will Bontrager Software, LLC–Woody ad snippets
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Creative Motion, Will Bontrager Software, LLC Woody ad snippets allows Stored XSS. This issue affects Woody ad snippets: from n/a through 2.4.10.
  Published: 2024-06-08 | CVSS: 5.9 | CVE-2024-35751
  Source: audit@patchstack.com

CreativeThemes–Blocksy Companion
  Server-Side Request Forgery (SSRF) vulnerability in CreativeThemes Blocksy Companion. This issue affects Blocksy Companion: from n/a through 2.0.42.
  Published: 2024-06-03 | CVSS: 4.4 | CVE-2024-35633
  Source: audit@patchstack.com

creativethemeshq–Blocksy
  The Blocksy theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the custom_url parameter in all versions up to, and including, 2.0.50 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
  Published: 2024-06-05 | CVSS: 6.4 | CVE-2024-5439
  Source: security@wordfence.com

CRM Perks.–Integration for Contact Form 7 and Constant Contact
  Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks. Integration for Contact Form 7 and Constant Contact. This issue affects Integration for Contact Form 7 and Constant Contact: from n/a through 1.1.5.
  Published: 2024-06-03 | CVSS: 4.3 | CVE-2024-35632
  Source: audit@patchstack.com

cyberchimps–Responsive Addons Starter Templates, Advanced Features and Customizer Settings for Responsive Theme.
  The Responsive Addons – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme. plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s file uploader in all versions up to, and including, 3.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-05 | CVSS: 6.4 | CVE-2024-5222
  Source: security@wordfence.com

CyberChimps–Responsive
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in CyberChimps Responsive allows Stored XSS. This issue affects Responsive: from n/a through 5.0.3.
  Published: 2024-06-04 | CVSS: 6.5 | CVE-2024-35654
  Source: audit@patchstack.com

cyclonetheme–Elegant Blocks
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in cyclonetheme Elegant Blocks allows Stored XSS. This issue affects Elegant Blocks: from n/a through 1.7.
  Published: 2024-06-03 | CVSS: 6.5 | CVE-2024-34769
  Source: audit@patchstack.com

dain–snappy
  iq80 Snappy is a compression/decompression library. When uncompressing certain data, Snappy tries to read outside the bounds of the given byte arrays. Because Snappy uses the JDK class `sun.misc.Unsafe` to speed up memory access, no additional bounds checks are performed and this has similar security consequences as out-of-bounds access in C or C++, namely it can lead to non-deterministic behavior or crash the JVM. iq80 Snappy is not actively maintained anymore. As a quick fix, users can upgrade to version 0.5.
  Published: 2024-06-03 | CVSS: 5.3 | CVE-2024-36124
  Source: security-advisories@github.com

Devnath verma–WP Captcha
  Improper Restriction of Excessive Authentication Attempts vulnerability in Devnath verma WP Captcha allows Functionality Bypass. This issue affects WP Captcha: from n/a through 2.0.0.
  Published: 2024-06-04 | CVSS: 5.3 | CVE-2023-44235
  Source: audit@patchstack.com

dextorlobo–Custom Dash
  The Custom Dash plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
  Published: 2024-06-06 | CVSS: 4.4 | CVE-2024-4942
  Source: security@wordfence.com

dfactory–Download Attachments
  The Download Attachments plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘download-attachments’ shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-04 | CVSS: 6.4 | CVE-2024-3230
  Source: security@wordfence.com

Dulldusk–PHP File Manager
  Vulnerability in Dulldusk’s PHP File Manager affecting version 1.7.8. This vulnerability consists of an XSS through the fm_current_dir parameter of index.php. An attacker could send a specially crafted JavaScript payload to an authenticated user and partially hijack their browser session.
  Published: 2024-06-06 | CVSS: 6.1 | CVE-2024-5673
  Source: cve-coordination@incibe.es

duongancol–Boostify Header Footer Builder for Elementor
  The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘size’ parameter in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-05 | CVSS: 6.4 | CVE-2024-5006
  Source: security@wordfence.com

duongancol–Boostify Header Footer Builder for Elementor
  The Boostify Header Footer Builder for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the create_bhf_post function in all versions up to, and including, 1.3.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to create pages or posts with arbitrary content.
  Published: 2024-06-06 | CVSS: 4.3 | CVE-2024-4788
  Source: security@wordfence.com

El tiempo–Weather Widget Pro
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in El tiempo Weather Widget Pro allows Stored XSS. This issue affects Weather Widget Pro: from n/a through 1.1.40.
  Published: 2024-06-08 | CVSS: 6.5 | CVE-2024-35755
  Source: audit@patchstack.com

elearningfreak–insert_or_embed_articulate_content
  The Insert or Embed Articulate Content into WordPress plugin through 4.3000000023 lacks validation of URLs when adding iframes, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page.
  Published: 2024-06-04 | CVSS: 5.4 | CVE-2024-0756
  Source: contact@wpscan.com

EmailGPT–EmailGPT
  The EmailGPT service contains a prompt injection vulnerability. The service uses an API service that allows a malicious user to inject a direct prompt and take over the service logic. Attackers can exploit the issue by forcing the AI service to leak the standard hard-coded system prompts and/or execute unwanted prompts. When engaging with EmailGPT by submitting a malicious prompt that requests harmful information, the system will respond by providing the requested data. This vulnerability can be exploited by any individual with access to the service.
  Published: 2024-06-05 | CVSS: 6.5 | CVE-2024-5184
  Source: disclosure@synopsys.com

Enea Overclokk–Stellissimo Text Box
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Enea Overclokk Stellissimo Text Box allows Stored XSS. This issue affects Stellissimo Text Box: from n/a through 1.1.4.
  Published: 2024-06-08 | CVSS: 5.9 | CVE-2024-35752
  Source: audit@patchstack.com

envothemes–Envo Extra
  The Envo Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘button_css_id’ parameter within the Button widget in all versions up to, and including, 1.8.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-07 | CVSS: 6.4 | CVE-2024-5645
  Source: security@wordfence.com

envoyproxy–envoy
  Envoy is a cloud-native, open source edge and service proxy. A theoretical request smuggling vulnerability exists through Envoy if a server can be tricked into adding an upgrade header into a response. Per RFC 7230 (https://www.rfc-editor.org/rfc/rfc7230#section-6.7), a server sends 101 when switching protocols. Envoy incorrectly accepts a 200 response from a server when requesting a protocol upgrade, but 200 does not indicate a protocol switch. This opens up the possibility of request smuggling through Envoy if the server can be tricked into adding the upgrade header to the response.
  Published: 2024-06-04 | CVSS: 5.9 | CVE-2024-23326
  Source: security-advisories@github.com

envoyproxy–envoy
  Envoy is a cloud-native, open source edge and service proxy. A crash was observed in `EnvoyQuicServerStream::OnInitialHeadersComplete()` with the following call stack. It is a use-after-free caused by QUICHE continuing to push request headers after `StopReading()` has been called on the stream. After `StopReading()`, the HCM’s `ActiveStream` might have already been destroyed, and any up calls from QUICHE could potentially cause a use after free.
  Published: 2024-06-04 | CVSS: 5.9 | CVE-2024-32974
  Source: security-advisories@github.com

envoyproxy–envoy
  Envoy is a cloud-native, open source edge and service proxy. There is a crash at `QuicheDataReader::PeekVarInt62Length()`. It is caused by integer underflow in the `QuicStreamSequencerBuffer::PeekRegion()` implementation.
  Published: 2024-06-04 | CVSS: 5.9 | CVE-2024-32975
  Source: security-advisories@github.com

envoyproxy–envoy
  Envoy is a cloud-native, open source edge and service proxy. There is a use-after-free in `HttpConnectionManager` (HCM) with `EnvoyQuicServerStream` that can crash Envoy. An attacker can exploit this vulnerability by sending a request without `FIN`, then a `RESET_STREAM` frame, and then after receiving the response, closing the connection.
  Published: 2024-06-04 | CVSS: 5.9 | CVE-2024-34362
  Source: security-advisories@github.com

envoyproxy–envoy
  Envoy is a cloud-native, open source edge and service proxy. Envoy exposed an out-of-memory (OOM) vector from the mirror response, since the async HTTP client will buffer the response with an unbounded buffer.
  Published: 2024-06-04 | CVSS: 5.7 | CVE-2024-34364
  Source: security-advisories@github.com

Essential Addons–Essential Addons for Elementor Pro
  The Essential Addons for Elementor Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘eael_lightbox_open_btn_icon’ parameter within the Lightbox & Modal widget in all versions up to, and including, 5.8.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
  Published: 2024-06-07 | CVSS: 6.4 | CVE-2024-5612
  Source: security@wordfence.com

evmos–evmos
  Evmos is the Ethereum Virtual Machine (EVM) Hub on the Cosmos Network. Users are able to delegate tokens that have not yet been vested. This affects employees and grantees who have funds managed via `ClawbackVestingAccount`. This affects 18.1.0 and earlier.
  Published: 2024-06-06 | CVSS: 5.3 | CVE-2024-37154
security-advisories@github.com extendthemes–Colibri Page Builder
  The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s colibri_video_player shortcode in all versions up to, and including, 1.0.276 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-07 6.4 CVE-2024-4451
security@wordfence.com extendthemes–Colibri Page Builder
  The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s shortcode(s) in all versions up to, and including, 1.0.276 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-5038
security@wordfence.com Fahad Mahmood–WP Docs
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.1.3. 2024-06-08 6.5 CVE-2024-35695
audit@patchstack.com Fastly–Fastly
  Missing Authorization vulnerability in Fastly.This issue affects Fastly: from n/a through 1.2.25. 2024-06-03 4.3 CVE-2024-34803
audit@patchstack.com FeedbackWP–Rate my Post WP Rating System
  Authentication Bypass by Spoofing vulnerability in FeedbackWP Rate my Post – WP Rating System allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.2. 2024-06-04 5.3 CVE-2023-51667
audit@patchstack.com flowdee–EasyAzon Amazon Associates Affiliate Plugin
  The EasyAzon – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘easyazon-cloaking-locale’ parameter in all versions up to, and including, 5.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. 2024-06-06 6.1 CVE-2023-6956
security@wordfence.com Forge12 Interactive GmbH–Captcha/Honeypot for Contact Form 7
  Improper Restriction of Excessive Authentication Attempts vulnerability in Forge12 Interactive GmbH Captcha/Honeypot for Contact Form 7 allows Functionality Bypass.This issue affects Captcha/Honeypot for Contact Form 7: from n/a through 1.11.3. 2024-06-04 5.3 CVE-2023-45009
audit@patchstack.com Fortinet–FortiAuthenticator
  A URL redirection to untrusted site ('open redirect') in Fortinet FortiAuthenticator version 6.6.0, version 6.5.3 and below, version 6.4.9 and below may allow an attacker to redirect users to an arbitrary website via a crafted URL. 2024-06-03 6.1 CVE-2024-23664
psirt@fortinet.com Fortinet–FortiPortal
  A client-side enforcement of server-side security in Fortinet FortiPortal version 6.0.0 through 6.0.14 allows an attacker to obtain improper access control via crafted HTTP requests. 2024-06-03 4.3 CVE-2023-48789
psirt@fortinet.com Fortinet–FortiSOAR
  An improper removal of sensitive information before storage or transfer vulnerability [CWE-212] in FortiSOAR version 7.3.0, version 7.2.2 and below, version 7.0.3 and below may allow an authenticated low privileged user to read Connector passwords in plain-text via HTTP responses. 2024-06-03 6.5 CVE-2024-31493
psirt@fortinet.com Fortinet–FortiWebManager
  An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows an attacker to execute unauthorized code or commands via HTTP requests or CLI. 2024-06-05 6.5 CVE-2024-23669
psirt@fortinet.com Fortinet–FortiWeb
  An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiWeb version 7.4.0, version 7.2.4 and below, version 7.0.8 and below, 6.3 all versions may allow an authenticated attacker to read password hashes of other administrators via CLI commands. 2024-06-03 5.5 CVE-2024-23107
psirt@fortinet.com Fortinet–FortiWeb
  Multiple improper authorization vulnerabilities [CWE-285] in FortiWeb version 7.4.2 and below, version 7.2.7 and below, version 7.0.10 and below, version 6.4.3 and below, version 6.3.23 and below may allow an authenticated attacker to perform unauthorized ADOM operations via crafted requests. 2024-06-03 5.9 CVE-2024-23665
psirt@fortinet.com freephp-1–Nafeza Prayer Time
  The Nafeza Prayer Time plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. 2024-06-04 4.4 CVE-2024-4462
security@wordfence.com g5theme–Essential Real Estate
  The Essential Real Estate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘ere_property_map’ shortcode in all versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-04 6.4 CVE-2024-4273
security@wordfence.com g5theme–Essential Real Estate
  The Essential Real Estate plugin for WordPress is vulnerable to unauthorized loss of data due to insufficient validation on the remove_property_attachment_ajax() function in all versions up to, and including, 4.4.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary attachments. 2024-06-04 4.3 CVE-2024-4274
security@wordfence.com GeneratePress–GP Premium
  The GP Premium plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the message parameter in all versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. 2024-06-05 6.1 CVE-2024-3469
security@wordfence.com getbrave–brave
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Brave Brave Popup Builder allows Stored XSS.This issue affects Brave Popup Builder: from n/a through 0.6.8. 2024-06-04 4.8 CVE-2024-35655
audit@patchstack.com getformwork–formwork
  Formwork is a flat file-based Content Management System (CMS). An attacker with administrator privileges can execute arbitrary web scripts by modifying site options via /panel/options/site. This type of attack is suitable for persistence, affecting visitors across all pages (except the dashboard). This vulnerability is fixed in 1.13.1. 2024-06-07 4.8 CVE-2024-37160
security-advisories@github.com gn_themes–WP Shortcodes Plugin Shortcodes Ultimate
  The WP Shortcodes Plugin – Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s su_lightbox shortcode in all versions up to, and including, 7.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-05 6.4 CVE-2024-4821
security@wordfence.com GregRoss–Just Writing Statistics
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in GregRoss Just Writing Statistics allows Stored XSS.This issue affects Just Writing Statistics: from n/a through 4.5. 2024-06-03 5.9 CVE-2024-35641
audit@patchstack.com gVectors Team–wpDiscuz
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in gVectors Team wpDiscuz allows Stored XSS.This issue affects wpDiscuz: from n/a through 7.6.18. 2024-06-08 6.5 CVE-2024-35681
audit@patchstack.com gVectors Team–wpDiscuz
  Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in gVectors Team wpDiscuz allows Code Injection.This issue affects wpDiscuz: from n/a through 7.6.10. 2024-06-04 5.3 CVE-2023-46310
audit@patchstack.com Hans van Eijsden,niwreg–ImageMagick Sharpen Resized Images
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Hans van Eijsden,niwreg ImageMagick Sharpen Resized Images allows Stored XSS.This issue affects ImageMagick Sharpen Resized Images: from n/a through 1.1.7. 2024-06-03 5.9 CVE-2024-34790
audit@patchstack.com HasThemes–HT Feed
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in HasThemes HT Feed allows Stored XSS.This issue affects HT Feed: from n/a through 1.2.8. 2024-06-08 6.5 CVE-2024-35699
audit@patchstack.com HasThemes–ShopLentor
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in HasThemes ShopLentor allows Stored XSS.This issue affects ShopLentor: from n/a through 2.8.7. 2024-06-03 6.5 CVE-2024-34767
audit@patchstack.com HCL Software–Connections Docs
  HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary code. This may lead to credentials disclosure and possibly launch additional attacks. 2024-06-08 4.4 CVE-2023-45707
psirt@hcl.com horearadu–Materialis Companion
  The Materialis Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s materialis_contact_form shortcode in all versions up to, and including, 1.3.41 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-4707
security@wordfence.com horearadu–One Page Express Companion
  The One Page Express Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s one_page_express_contact_form shortcode in all versions up to, and including, 1.6.37 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-07 6.4 CVE-2024-4703
security@wordfence.com ibabar–WordPress prettyPhoto
  The WordPress prettyPhoto plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-5162
security@wordfence.com IBM–i
  IBM i 7.2, 7.3, 7.4, and 7.5 Service Tools Server (SST) is vulnerable to SST user enumeration by a remote attacker. This vulnerability can be used by a malicious actor to gather information about SST users that can be targeted in further attacks. IBM X-Force ID: 287538. 2024-06-07 5.3 CVE-2024-31878
psirt@us.ibm.com IBM–System Storage DS8900F
  IBM System Storage DS8900F 89.22.19.0, 89.30.68.0, 89.32.40.0, 89.33.48.0, 89.40.83.0, and 89.40.93.0 could allow a remote user to create an LDAP connection with a valid username and empty password to establish an anonymous connection. IBM X-Force ID: 279518. 2024-06-06 5 CVE-2024-22326
psirt@us.ibm.com Icegram–Icegram
  Missing Authorization vulnerability in Icegram.This issue affects Icegram: from n/a through 3.1.21. 2024-06-08 4.3 CVE-2024-21748
audit@patchstack.com IdoPesok–zsa
  zsa is a library for building typesafe server actions in Next.js. All users are impacted. The zsa application transfers the parse error stack from the server to the client in production build mode. This can potentially reveal sensitive information about the server environment, such as the machine username and directory paths. An attacker could exploit this vulnerability to gain unauthorized access to sensitive server information. This information could be used to plan further attacks or gain a deeper understanding of the server infrastructure. This has been patched in `0.3.3`. 2024-06-07 4 CVE-2024-37162
security-advisories@github.com ILLID–Advanced Woo Labels
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in ILLID Advanced Woo Labels allows Cross-Site Scripting (XSS).This issue affects Advanced Woo Labels: from n/a through 1.93. 2024-06-08 6.5 CVE-2024-35675
audit@patchstack.com IP2Location–Download IP2Location Country Blocker
  Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country Blocker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Download IP2Location Country Blocker: from n/a through 2.29.1. 2024-06-04 5.3 CVE-2023-37865
audit@patchstack.com ishanverma–Authorize.net Payment Gateway For WooCommerce
  The Authorize.net Payment Gateway For WooCommerce plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 8.0. This is due to the plugin not properly verifying the authenticity of the request that updates an order's payment status. This makes it possible for unauthenticated attackers to update order payment statuses to paid, bypassing any payment. 2024-06-04 5.3 CVE-2024-2382
security@wordfence.com itsourcecode–Bakery Online Ordering System
  A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument txtsearch leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-267091. 2024-06-04 6.3 CVE-2024-5635
cna@vuldb.com itsourcecode–Bakery Online Ordering System
  A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file report/index.php. The manipulation of the argument procduct leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-267092. 2024-06-05 6.3 CVE-2024-5636
cna@vuldb.com itsourcecode–Online Discussion Forum
  A vulnerability classified as critical has been found in itsourcecode Online Discussion Forum 1.0. Affected is an unknown function of the file /members/poster.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-267408. 2024-06-07 6.3 CVE-2024-5734
cna@vuldb.com J.N. Breetvelt a.k.a. OpaJaap–WP Photo Album Plus
  Exposure of Sensitive Information to an Unauthorized Actor vulnerability in J.N. Breetvelt a.k.a. OpaJaap WP Photo Album Plus allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005. 2024-06-04 5.3 CVE-2023-49774
audit@patchstack.com j0hnsmith–Testimonials Widget
  The Testimonials Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s testimonials shortcode in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-4705
security@wordfence.com Jewel Theme–Master Addons for Elementor
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through 2.0.5.9. 2024-06-08 6.5 CVE-2024-35688
audit@patchstack.com Jewel Theme–Master Addons for Elementor
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Jewel Theme Master Addons for Elementor allows Stored XSS.This issue affects Master Addons for Elementor: from n/a through 2.0.6.0. 2024-06-08 6.5 CVE-2024-35702
audit@patchstack.com johnnash1975–Easy Social Like Box Popup Sidebar Widget
  The Easy Social Like Box – Popup – Sidebar Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘cardoza_facebook_like_box’ shortcode in all versions up to, and including, 4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-5224
security@wordfence.com JumpDEMAND Inc.–ActiveDEMAND
  Cross-Site Request Forgery (CSRF) vulnerability in JumpDEMAND Inc. ActiveDEMAND.This issue affects ActiveDEMAND: from n/a through 0.2.43. 2024-06-03 4.3 CVE-2024-35638
audit@patchstack.com Kharim Tomlinson–WP Next Post Navi
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Kharim Tomlinson WP Next Post Navi allows Stored XSS.This issue affects WP Next Post Navi: from n/a through 1.8.3. 2024-06-03 5.9 CVE-2024-34793
audit@patchstack.com Kognetiks–Kognetiks Chatbot for WordPress
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Kognetiks Kognetiks Chatbot for WordPress allows Stored XSS.This issue affects Kognetiks Chatbot for WordPress: from n/a through 1.9.8. 2024-06-08 6.5 CVE-2024-35738
audit@patchstack.com LabVantage–LIMS
  A vulnerability classified as critical was found in LabVantage LIMS 2017. This vulnerability affects unknown code of the file /labvantage/rc?command=page&page=SampleList&_iframename=list of the component POST Request Handler. The manipulation of the argument param1 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-267454 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2024-06-08 6.3 CVE-2024-5771
cna@vuldb.com Lester GaMerZ Chan–WP-PostRatings
  Improper Control of Interaction Frequency vulnerability in Lester ‘GaMerZ’ Chan WP-PostRatings allows Functionality Misuse.This issue affects WP-PostRatings: from n/a through 1.91. 2024-06-04 5.3 CVE-2023-40332
audit@patchstack.com litonice13–Master Addons Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor
  The Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘ma-template’ REST API route in all versions up to, and including, 2.0.6.1. This makes it possible for unauthenticated attackers to create or modify existing Master Addons templates or make settings modifications related to these templates. 2024-06-07 6.5 CVE-2024-5382
security@wordfence.com Lukman Nakib–Debug Log Manger Tool
  Insertion of Sensitive Information into Log File vulnerability in Lukman Nakib Debug Log – Manger Tool.This issue affects Debug Log – Manger Tool: from n/a through 1.4.5. 2024-06-03 5.3 CVE-2024-34798
audit@patchstack.com MagniGenie–RestroPress
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in MagniGenie RestroPress allows Stored XSS.This issue affects RestroPress: from n/a through 3.1.2.1. 2024-06-08 6.5 CVE-2024-35719
audit@patchstack.com Marketing Fire, LLC–Widget Options – Extended
  Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Marketing Fire, LLC Widget Options – Extended.This issue affects Widget Options – Extended: from n/a through 5.1.0. 2024-06-08 6.5 CVE-2024-35691
audit@patchstack.com melapress–Admin Notices Manager
  The Admin Notices Manager plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the handle_ajax_call() function in all versions up to, and including, 1.4.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve a list of registered user emails. 2024-06-04 4.3 CVE-2024-1717
security@wordfence.com Menno Luitjes–Foyer
  Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Menno Luitjes Foyer allows Code Injection.This issue affects Foyer: from n/a through 1.7.5. 2024-06-04 4.6 CVE-2023-47663
audit@patchstack.com Mervin Praison–Praison SEO WordPress
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Mervin Praison Praison SEO WordPress allows Stored XSS.This issue affects Praison SEO WordPress: from n/a through 4.0.15. 2024-06-03 6.5 CVE-2024-34801
audit@patchstack.com metagauss–ProfileGrid User Profiles, Groups and Communities
  The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pm_dismissible_notice and pm_wizard_update_group_icon functions in all versions up to, and including, 5.8.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary options to the value ‘1’ or change group icons. 2024-06-05 4.3 CVE-2024-5453
security@wordfence.com Metagauss–RegistrationMagic
  Authentication Bypass by Spoofing vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through 5.2.5.0. 2024-06-04 5.3 CVE-2023-51543
audit@patchstack.com Metagauss–RegistrationMagic
  Improper Control of Interaction Frequency vulnerability in Metagauss RegistrationMagic allows Functionality Misuse.This issue affects RegistrationMagic: from n/a through 5.2.5.0. 2024-06-04 5.3 CVE-2023-51544
audit@patchstack.com miniorange–Malware Scanner
  Authentication Bypass by Spoofing vulnerability in miniorange Malware Scanner allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Malware Scanner: from n/a through 4.7.1. 2024-06-04 5.3 CVE-2023-52176
audit@patchstack.com MongoDB Inc–PyMongo
  An out-of-bounds read in the ‘bson’ module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory. 2024-06-05 4.7 CVE-2024-5629
cna@mongodb.com moveaddons–Move Addons for Elementor
  Missing Authorization vulnerability in moveaddons Move Addons for Elementor.This issue affects Move Addons for Elementor: from n/a through 1.2.9. 2024-06-04 5.3 CVE-2024-30525
audit@patchstack.com mpntod–Rotating Tweets (Twitter widget and shortcode)
  The Rotating Tweets (Twitter widget and shortcode) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rotatingtweets' shortcode in all versions up to, and including, 1.9.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-5141
security@wordfence.com N/A–Church Admin
  Server-Side Request Forgery (SSRF) vulnerability in Church Admin.This issue affects Church Admin: from n/a through 4.3.6. 2024-06-03 4.4 CVE-2024-35637
audit@patchstack.com N/A–KiviCare
  Authorization Bypass Through User-Controlled Key vulnerability in KiviCare.This issue affects KiviCare: from n/a through 3.6.2. 2024-06-08 5.3 CVE-2024-35659
audit@patchstack.com n/a–n/a
  An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on hal_req->num_config_discovery_attr coming from userspace, which can lead to a heap overwrite. 2024-06-05 6.7 CVE-2024-27370
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_followup_get_nl_params(), there is no input validation check on hal_req->service_specific_info_len coming from userspace, which can lead to a heap overwrite. 2024-06-05 6.7 CVE-2024-27371
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on disc_attr->infrastructure_ssid_len coming from userspace, which can lead to a heap overwrite. 2024-06-05 6.7 CVE-2024-27372
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on disc_attr->mesh_id_len coming from userspace, which can lead to a heap overwrite. 2024-06-05 6.7 CVE-2024-27373
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_publish_get_nl_params(), there is no input validation check on hal_req->service_specific_info_len coming from userspace, which can lead to a heap overwrite. 2024-06-05 6.7 CVE-2024-27374
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_followup_get_nl_params(), there is no input validation check on hal_req->sdea_service_specific_info_len coming from userspace, which can lead to a heap overwrite. 2024-06-05 6.7 CVE-2024-27375
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_subscribe_get_nl_params(), there is no input validation check on hal_req->rx_match_filter_len coming from userspace, which can lead to a heap overwrite. 2024-06-05 6.7 CVE-2024-27376
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_get_security_info_nl(), there is no input validation check on sec_info->key_info.body.pmk_info.pmk_len coming from userspace, which can lead to a heap overwrite. 2024-06-05 6.7 CVE-2024-27377
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame_cert(), there is no input validation check on len coming from userspace, which can lead to a heap over-read. 2024-06-05 6 CVE-2024-27378
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_subscribe_get_nl_params(), there is no input validation check on hal_req->num_intf_addr_present coming from userspace, which can lead to a heap overwrite. 2024-06-05 6.7 CVE-2024-27379
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_set_delayed_wakeup_type(), there is no input validation check on the length of ioctl_args->args[i] coming from userspace, which can lead to a heap over-read. 2024-06-05 6 CVE-2024-27380
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame_ut(), there is no input validation check on len coming from userspace, which can lead to a heap over-read. 2024-06-05 6 CVE-2024-27381
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame(), there is no input validation check on len coming from userspace, which can lead to a heap over-read. 2024-06-05 6 CVE-2024-27382
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks a check for the validation of native handles, which can result in an Out-of-Bounds Write. 2024-06-07 6.8 CVE-2024-31958
cve@mitre.org n/a–n/a
  Ariane Allegro Scenario Player through 2024-03-05, when Ariane Duo kiosk mode is used, allows physically proximate attackers to obtain sensitive information (such as hotel invoice content with PII), and potentially create unauthorized room keys, by entering a guest-search quote character and then accessing the underlying Windows OS. 2024-06-06 6.8 CVE-2024-37364
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor, Automotive Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. The baseband software does not properly check format types specified by the RRC. This can lead to a lack of encryption. 2024-06-05 5.3 CVE-2023-49927
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 2400, 9110, W920, W930, Modem 5123, Modem 5300, and Auto T5123. The baseband software does not properly check states specified by the RRC (Radio Resource Control) module. This can lead to disclosure of sensitive information. 2024-06-05 5.9 CVE-2024-28818
cve@mitre.org n/a–n/a
  An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 2200, 1280, 1380, 1330, 2400, 9110, W920, W930, Modem 5123, Modem 5300, and Auto T5123. The baseband software does not properly check states specified by the RRC (Radio Resource Control) Reconfiguration message. This can lead to disclosure of sensitive information. 2024-06-04 5.9 CVE-2024-29152
cve@mitre.org N/A–RT Easy Builder Advanced addons for Elementor
  Missing Authorization vulnerability in RT Easy Builder – Advanced addons for Elementor. This issue affects RT Easy Builder – Advanced addons for Elementor: from n/a through 2.0. 2024-06-04 4.3 CVE-2024-30484
audit@patchstack.com nalam-1–Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library )
  The Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor Templates Library ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_id’ parameter in all versions up to, and including, 1.1.39 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-5161
security@wordfence.com nayrathemes–Clever Fox
  The Clever Fox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s info box block in all versions up to, and including, 25.2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-07 6.4 CVE-2024-1768
security@wordfence.com nayrathemes–Clever Fox
  The Clever Fox – One Click Website Importer by Nayra Themes plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘clever-fox-activate-theme’ function in all versions up to, and including, 25.2.0. This makes it possible for authenticated attackers, with subscriber access and above, to modify the active theme, including to an invalid value which can take down the site. 2024-06-07 5.4 CVE-2023-6876
security@wordfence.com ndijkstra–Mollie Forms
  The Mollie Forms plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.6.13. This is due to missing or incorrect nonce validation on the duplicateForm() function. This makes it possible for unauthenticated attackers to duplicate forms via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. 2024-06-05 4.3 CVE-2024-2368
security@wordfence.com Netentsec–NS-ASG Application Security Gateway
  A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been classified as critical. This affects an unknown part of the file /admin/config_MT.php?action=delete. The manipulation of the argument Mid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266847. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2024-06-03 6.3 CVE-2024-5589
cna@vuldb.com Netentsec–NS-ASG Application Security Gateway
  A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been declared as critical. This vulnerability affects unknown code of the file /protocol/iscuser/uploadiscuser.php of the component JSON Content Handler. The manipulation of the argument messagecontent leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-266848. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. 2024-06-03 6.3 CVE-2024-5590
cna@vuldb.com netty–netty-incubator-codec-ohttp
  netty-incubator-codec-ohttp is the OHTTP implementation for netty. BoringSSLAEADContext keeps track of how many OHTTP responses have been sent and uses this sequence number to calculate the appropriate nonce to use with the encryption algorithm. Unfortunately, two separate errors combine which would allow an attacker to cause the sequence number to overflow and thus the nonce to repeat. 2024-06-04 5.9 CVE-2024-36121
security-advisories@github.com Nitin Rathod–WP Forms Puzzle Captcha
  Improper Restriction of Excessive Authentication Attempts vulnerability in Nitin Rathod WP Forms Puzzle Captcha allows Functionality Bypass. This issue affects WP Forms Puzzle Captcha: from n/a through 4.1. 2024-06-04 5.3 CVE-2023-48276
audit@patchstack.com oslabs-beta–SkyScraper
  SkyScrape is a GUI Dashboard for AWS Infrastructure and Managing Resources and Usage Costs. SkyScrape’s API requests are currently unsecured HTTP requests, leading to potential vulnerabilities for the user’s temporary credentials and data. This affects version 1.0.0. 2024-06-07 6.4 CVE-2024-37163
security-advisories@github.com OTRS AG–OTRS
  The file upload feature in OTRS and ((OTRS)) Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to directories accessible by the web server, potentially leading to the execution of local code like Perl scripts. This issue affects OTRS: from 7.0.X through 7.0.49, 8.0.X, 2023.X, from 2024.X through 2024.3.2; ((OTRS)) Community Edition: from 6.0.1 through 6.0.34. 2024-06-06 6.3 CVE-2024-23793
security@otrs.com pandaboxwp–WP jQuery Lightbox
  The WP jQuery Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ attribute in all versions up to, and including, 1.5.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-07 6.4 CVE-2024-5425
security@wordfence.com pdfcrowd — save_as_pdf_plugin
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS. This issue affects Save as PDF plugin by Pdfcrowd: from n/a through 3.2.3. 2024-06-04 5.4 CVE-2024-35649
audit@patchstack.com Peregrine themes–Bloglo
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Peregrine themes Bloglo allows Stored XSS. This issue affects Bloglo: from n/a through 1.1.3. 2024-06-08 6.5 CVE-2024-35715
audit@patchstack.com pickplugins–Gutenberg Blocks, Page Builder ComboBlocks
  The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tag’ attribute in blocks in all versions up to, and including, 2.2.80 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-07 6.4 CVE-2024-1988
security@wordfence.com pickplugins–Gutenberg Blocks, Page Builder ComboBlocks
  The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel – Combo Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class’ attribute of the menu-wrap-item block in all versions up to, and including, 2.2.80 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-07 6.4 CVE-2024-4042
security@wordfence.com PickPlugins–Tabs & Accordion
  Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in PickPlugins Tabs & Accordion allows Code Injection. This issue affects Tabs & Accordion: from n/a through 1.3.10. 2024-06-04 5.4 CVE-2023-40557
audit@patchstack.com PINPOINT.WORLD–Pinpoint Booking System
  External Control of Assumed-Immutable Web Parameter vulnerability in PINPOINT.WORLD Pinpoint Booking System allows Functionality Misuse. This issue affects Pinpoint Booking System: from n/a through 2.9.9.3.4. 2024-06-04 6.5 CVE-2023-38520
audit@patchstack.com Plechev Andrey–WP-Recall
  Cross-Site Request Forgery (CSRF) vulnerability in Plechev Andrey WP-Recall. This issue affects WP-Recall: from n/a through 16.26.6. 2024-06-08 5.4 CVE-2024-35657
audit@patchstack.com Pluggabl LLC–Booster Elite for WooCommerce
  Improper Authentication vulnerability in Pluggabl LLC Booster Elite for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Booster Elite for WooCommerce: from n/a before 7.1.3. 2024-06-04 6.5 CVE-2023-51511
audit@patchstack.com Pluggabl LLC–Booster for WooCommerce
  Improper Authentication vulnerability in Pluggabl LLC Booster for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Booster for WooCommerce: from n/a through 7.1.2. 2024-06-04 6.5 CVE-2023-48747
audit@patchstack.com pluginever–WP Content Pilot Autoblogging & Affiliate Marketing Plugin
  Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in pluginever WP Content Pilot – Autoblogging & Affiliate Marketing Plugin allows Code Injection. This issue affects WP Content Pilot – Autoblogging & Affiliate Marketing Plugin: from n/a through 1.3.3. 2024-06-04 4.3 CVE-2023-45053
audit@patchstack.com pluginkollektiv–Antispam Bee
  Authentication Bypass by Spoofing vulnerability in pluginkollektiv Antispam Bee allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Antispam Bee: from n/a through 2.11.3. 2024-06-04 5.3 CVE-2023-41134
audit@patchstack.com Podlove–Podlove Web Player
  Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Podlove Podlove Web Player. This issue affects Podlove Web Player: from n/a through 5.7.3. 2024-06-08 5.3 CVE-2024-35710
audit@patchstack.com Popup Maker–Popup Maker WP
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Popup Maker Popup Maker WP allows Stored XSS. This issue affects Popup Maker WP: from n/a through 1.2.8. 2024-06-03 6.5 CVE-2024-34770
audit@patchstack.com POSIMYTH–The Plus Addons for Elementor Page Builder Lite
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Stored XSS. This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.5.4. 2024-06-08 6.5 CVE-2024-35709
audit@patchstack.com PropertyHive–PropertyHive
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in PropertyHive allows Stored XSS. This issue affects PropertyHive: from n/a through 2.0.13. 2024-06-08 6.5 CVE-2024-35701
audit@patchstack.com ptz0n–Google CSE
  The Google CSE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. 2024-06-06 4.4 CVE-2024-5656
security@wordfence.com Pure Chat by Ruby–Pure Chat
  Cross-Site Request Forgery (CSRF) vulnerability in Pure Chat by Ruby Pure Chat. This issue affects Pure Chat: from n/a through 2.22. 2024-06-05 4.3 CVE-2024-35673
audit@patchstack.com purvabathe–Simple Image Popup Shortcode
  The Simple Image Popup Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘sips_popup’ shortcode in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-5342
security@wordfence.com qodeinteractive–Qi Addons For Elementor
  The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s button widgets in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-4364
security@wordfence.com qodeinteractive–Qi Blocks
  The Qi Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s file uploader in all versions up to, and including, 1.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-5221
security@wordfence.com Qualcomm, Inc.–Snapdragon
  Information disclosure while handling T2LM Action Frame in WLAN Host. 2024-06-03 6.5 CVE-2023-43537
product-security@qualcomm.com Qualcomm, Inc.–Snapdragon
  Memory corruption in Audio during a playback or a recording due to race condition between allocation and deallocation of graph object. 2024-06-03 6.7 CVE-2023-43543
product-security@qualcomm.com Qualcomm, Inc.–Snapdragon
  Memory corruption when IPC callback handle is used after it has been released during register callback by another thread. 2024-06-03 6.7 CVE-2023-43544
product-security@qualcomm.com Qualcomm, Inc.–Snapdragon
  Memory corruption when more scan frequency list or channels are sent from the user space. 2024-06-03 6.7 CVE-2023-43545
product-security@qualcomm.com Qualcomm, Inc.–Snapdragon
  Transient DOS when setting up a fence callback to free a KGSL memory entry object during DMA. 2024-06-03 6.2 CVE-2024-21478
product-security@qualcomm.com quomodosoft–ElementsReady Addons for Elementor
  The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_id’ parameter in all versions up to, and including, 6.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-5152
security@wordfence.com RadiusTheme–The Post Grid
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in RadiusTheme The Post Grid allows Stored XSS. This issue affects The Post Grid: from n/a through 7.7.1. 2024-06-08 6.5 CVE-2024-35739
audit@patchstack.com rails–rails
  Action Text brings rich text content and editing to Rails. Instances of ActionText::Attachable::ContentAttachment included within a rich_text_area tag could potentially contain unsanitized HTML. This vulnerability is fixed in 7.1.3.4 and 7.2.0.beta2. 2024-06-04 6.1 CVE-2024-32464
security-advisories@github.com rails–rails
  Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3. 2024-06-04 5.4 CVE-2024-28103
security-advisories@github.com Red Hat–Red Hat Satellite 6
  A flaw was found in foreman-installer when puppet-candlepin invokes cpdb with the --password parameter. This issue leaks the password in the process list and allows an attacker to take advantage and obtain the password. 2024-06-05 6.2 CVE-2024-3716
secalert@redhat.com Red Hat–Red Hat Satellite 6
  A flaw was found in the Katello plugin for Foreman, where it is possible to store malicious JavaScript code in the “Description” field of a user. This code can be executed when opening certain pages, for example, Host Collections. 2024-06-05 4.8 CVE-2024-4812
secalert@redhat.com restrict–Restrict for Elementor
  The Restrict for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.6 due to improper restrictions on hidden data that make it accessible through the REST API. This makes it possible for unauthenticated attackers to extract potentially sensitive data from post content. 2024-06-06 5.3 CVE-2024-0910
security@wordfence.com Revolution Slider–Slider Revolution
  The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s Add Layer widget in all versions up to, and including, 6.7.11 due to insufficient input sanitization and output escaping on the user supplied ‘class’, ‘id’, and ‘title’ attributes. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: Successful exploitation of this vulnerability requires an Administrator to give Slider Creation privileges to Author-level users. 2024-06-04 6.4 CVE-2024-4581
security@wordfence.com Revolution Slider–Slider Revolution
  The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.7.10 due to insufficient input sanitization and output escaping on the user supplied Elementor ‘wrapperid’ and ‘zindex’ display attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-04 6.4 CVE-2024-4637
security@wordfence.com rubengc–GamiPress Link
  The GamiPress – Link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s gamipress_link shortcode in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-05 6.4 CVE-2024-5536
security@wordfence.com rustaurius–Five Star Restaurant Menu and Food Ordering
  The Restaurant Menu and Food Ordering plugin for WordPress is vulnerable to unauthorized creation of data due to a missing capability check on ‘add_section’, ‘add_menu’, ‘add_menu_item’, and ‘add_menu_page’ functions in all versions up to, and including, 2.4.16. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create menu sections, menus, food items, and new menu pages. 2024-06-05 4.3 CVE-2024-5459
security@wordfence.com Samsung Mobile–GalaxyBudsManager PC
  Arbitrary directory creation in GalaxyBudsManager PC prior to version 2.1.240315.51 allows an attacker to create an arbitrary directory. 2024-06-04 6.2 CVE-2024-20887
mobile.security@samsung.com Samsung Mobile–Samsung Live Wallpaper PC
  Arbitrary directory creation in Samsung Live Wallpaper PC prior to version 3.3.8.0 allows an attacker to create an arbitrary directory. 2024-06-04 6.2 CVE-2024-20886
mobile.security@samsung.com Samsung Mobile–Samsung Mobile Devices
  Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local attackers to cause memory corruption. 2024-06-04 6.1 CVE-2024-20876
mobile.security@samsung.com Samsung Mobile–Samsung Mobile Devices
  Stack-based buffer overflow vulnerability in bootloader prior to SMR Jun-2024 Release 1 allows physical attackers to overwrite memory. 2024-06-04 6.4 CVE-2024-20880
mobile.security@samsung.com Samsung Mobile–Samsung Mobile Devices
  Improper input validation vulnerability in chnactiv TA prior to SMR Jun-2024 Release 1 allows local privileged attackers to potentially execute arbitrary code. 2024-06-04 6.4 CVE-2024-20881
mobile.security@samsung.com Samsung Mobile–Samsung Mobile Devices
  Incorrect use of privileged API vulnerability in registerBatteryStatsCallback in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged API. 2024-06-04 6.2 CVE-2024-20883
mobile.security@samsung.com Samsung Mobile–Samsung Mobile Devices
  Incorrect use of privileged API vulnerability in getSemBatteryUsageStats in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged API. 2024-06-04 6.2 CVE-2024-20884
mobile.security@samsung.com Samsung Mobile–Samsung Mobile Devices
  Improper component protection vulnerability in Samsung Dialer prior to SMR May-2024 Release 1 allows local attackers to make a call without proper permission. 2024-06-04 5.1 CVE-2024-20885
mobile.security@samsung.com Samsung Mobile–Samsung Mobile Devices
  Improper input validation vulnerability in caminfo driver prior to SMR Jun-2024 Release 1 allows local privileged attackers to write out-of-bounds memory. 2024-06-04 4.2 CVE-2024-20873
mobile.security@samsung.com Samsung Mobile–Samsung Mobile Devices
  Improper caller verification vulnerability in SemClipboard prior to SMR June-2024 Release 1 allows local attackers to access arbitrary files. 2024-06-04 4 CVE-2024-20875
mobile.security@samsung.com Samsung Mobile–Samsung Mobile Devices
  Improper input validation vulnerability in libsavscmn.so prior to SMR Jun-2024 Release 1 allows local attackers to write out-of-bounds memory. 2024-06-04 4 CVE-2024-20879
mobile.security@samsung.com Samsung Mobile–Samsung Mobile Devices
  Out-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers arbitrary data access. 2024-06-04 4.6 CVE-2024-20882
mobile.security@samsung.com satollo–Newsletter Send awesome emails from WordPress
  The Newsletter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘np1’ parameter in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-05 6.4 CVE-2024-5317
security@wordfence.com sendinblue — newsletter,_smtp,_email_marketing_and_subscribe
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue allows Reflected XSS. This issue affects Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue: from n/a through 3.1.77. 2024-06-04 6.1 CVE-2024-35668
audit@patchstack.com Sensei–Sensei Pro (WC Paid Courses)
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Sensei Sensei Pro (WC Paid Courses) allows Stored XSS. This issue affects Sensei Pro (WC Paid Courses): from n/a through 4.23.1.1.23.1. 2024-06-08 6.5 CVE-2024-34765
audit@patchstack.com shafayat-alam–Gutenberg Blocks and Page Layouts Attire Blocks
  The Gutenberg Blocks and Page Layouts – Attire Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the disable_fe_assets function in all versions up to, and including, 1.9.2. This makes it possible for authenticated attackers, with subscriber access or above, to change the plugin’s settings. Additionally, no nonce check is performed resulting in a CSRF vulnerability. 2024-06-05 4.3 CVE-2024-4088
security@wordfence.com shrinitech–Fluid Notification Bar
  The Fluid Notification Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. 2024-06-04 4.4 CVE-2024-3031
security@wordfence.com silabs.com–Gecko SDK
  A bug exists in the API, mesh_node_power_off(), which fails to copy the contents of the Replay Protection List (RPL) from RAM to NVM before powering down, resulting in the ability to replay unsaved messages. Note that as of June 2024, the Gecko SDK was renamed to the Simplicity SDK, and the versioning scheme was changed from Gecko SDK vX.Y.Z to Simplicity SDK YYYY.MM.Patch#. 2024-06-06 5.6 CVE-2024-4013
product-security@silabs.com SinaExtra–Sina Extension for Elementor
  Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in SinaExtra Sina Extension for Elementor allows PHP Local File Inclusion. This issue affects Sina Extension for Elementor: from n/a through 3.5.1. 2024-06-04 6.5 CVE-2024-34384
audit@patchstack.com SinaExtra–Sina Extension for Elementor
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in SinaExtra Sina Extension for Elementor allows Stored XSS. This issue affects Sina Extension for Elementor: from n/a through 3.5.3. 2024-06-08 6.5 CVE-2024-35703
audit@patchstack.com SoftLab–Integrate Google Drive
  Broken Authentication vulnerability in SoftLab Integrate Google Drive. This issue affects Integrate Google Drive: from n/a through 1.3.93. 2024-06-04 5.3 CVE-2024-35670
audit@patchstack.com solarwinds — solarwinds_platform
  The SolarWinds Platform was determined to be affected by a stored cross-site scripting vulnerability affecting the web console. A high-privileged user and user interaction is required to exploit this vulnerability. 2024-06-04 4.8 CVE-2024-29004
psirt@solarwinds.com Spiffy Plugins–Spiffy Calendar
  Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar. This issue affects Spiffy Calendar: from n/a through 4.9.10. 2024-06-04 5.4 CVE-2024-30528
audit@patchstack.com spiffyplugins — wp_flow_plus
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Spiffy Plugins WP Flow Plus allows Stored XSS. This issue affects WP Flow Plus: from n/a through 5.2.2. 2024-06-04 5.4 CVE-2024-35651
audit@patchstack.com StarCitizenTools–mediawiki-skins-Citizen
  Citizen is a MediaWiki skin that makes extensions part of the cohesive experience. The page `MediaWiki:Tagline` has its contents used unescaped, so custom HTML (including Javascript) can be injected by someone with the ability to edit the MediaWiki namespace (typically those with the `editinterface` permission, or sysops). This vulnerability is fixed in 2.16.0. 2024-06-03 6.5 CVE-2024-36123
security-advisories@github.com sulu–SuluFormBundle
  The SuluFormBundle adds support for creating dynamic forms in Sulu Admin. The TokenController get parameter formName is not sanitized in the returned input field which leads to XSS. This vulnerability is fixed in 2.5.3. 2024-06-06 6.1 CVE-2024-37156
security-advisories@github.com Synology–Camera Firmware
  A vulnerability regarding buffer copy without checking the size of input (‘Classic Buffer Overflow’) has been found in the login component. This allows remote attackers to conduct denial-of-service attacks via unspecified vectors. This attack only affects the login service which will automatically restart. The following models with Synology Camera Firmware versions before 1.1.1-0383 may be affected: BC500 and TC500. 2024-06-04 6.5 CVE-2024-5463
security@synology.com tagDiv–tagDiv Composer
  The tagDiv Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s button shortcode in all versions up to, and including, 4.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: The vulnerable code in this plugin is specifically tied to the tagDiv Newspaper theme. If another theme is installed (e.g., NewsMag), this code may not be present. 2024-06-04 6.4 CVE-2024-3888
security@wordfence.com Tainacan.org–Tainacan
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Tainacan.Org Tainacan allows Stored XSS. This issue affects Tainacan: from n/a through 0.21.3. 2024-06-03 6.5 CVE-2024-34795
audit@patchstack.com takanakui–WP Mobile Menu The Mobile-Friendly Responsive Menu
  The WP Mobile Menu – The Mobile-Friendly Responsive Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image alt text in all versions up to, and including, 2.8.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-07 5.4 CVE-2024-3987
security@wordfence.com Team Heateor–Heateor Social Login
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Team Heateor Heateor Social Login allows Stored XSS. This issue affects Heateor Social Login: from n/a through 1.1.32. 2024-06-08 6.5 CVE-2024-35707
audit@patchstack.com TemplatesNext–TemplatesNext OnePager
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in TemplatesNext TemplatesNext OnePager allows Stored XSS. This issue affects TemplatesNext OnePager: from n/a through 1.3.3. 2024-06-08 6.5 CVE-2024-35753
audit@patchstack.com Theme Freesia–Event
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Theme Freesia Event allows Stored XSS. This issue affects Event: from n/a through 1.2.2. 2024-06-08 6.5 CVE-2024-35711
audit@patchstack.com Theme Freesia–Idyllic
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Theme Freesia Idyllic allows Stored XSS. This issue affects Idyllic: from n/a through 1.1.8. 2024-06-08 6.5 CVE-2024-35714
audit@patchstack.com Theme Freesia–Pixgraphy
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Theme Freesia Pixgraphy allows Stored XSS. This issue affects Pixgraphy: from n/a through 1.3.8. 2024-06-08 6.5 CVE-2024-35740
audit@patchstack.com themefarmer–WooCommerce Tools
  The WooCommerce Tools plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the woocommerce_tool_toggle_module() function in all versions up to, and including, 1.2.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to deactivate arbitrary plugin modules. 2024-06-07 5.3 CVE-2024-1689
security@wordfence.com themefusecom–Brizy Page Builder
  The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s contact form widget error message and redirect URL in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping on user supplied error messages. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-05 6.4 CVE-2024-1164
security@wordfence.com Themeisle–Otter Blocks PRO
  Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Themeisle Otter Blocks PRO.This issue affects Otter Blocks PRO: from n/a through 2.6.11. 2024-06-08 4.3 CVE-2024-35682
audit@patchstack.com themekraft — buddyforms
  The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up to, and including, 2.8.9 via the use of an insufficiently random activation code. This makes it possible for unauthenticated attackers to bypass the email verification. 2024-06-05 5.3 CVE-2024-5149
security@wordfence.com themesflat — themesflat_addons_for_elementor
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Themesflat Themesflat Addons For Elementor allows Stored XSS.This issue affects Themesflat Addons For Elementor: from n/a through 2.1.2. 2024-06-04 5.4 CVE-2024-35666
audit@patchstack.com themesflat–Themesflat Addons For Elementor
  The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget tags in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-2922
security@wordfence.com themesflat–Themesflat Addons For Elementor
  The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s TF Group Image, TF Nav Menu, TF Posts, TF Woo Product Grid, TF Accordion, and TF Image Box widgets in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-4212
security@wordfence.com themesflat–Themesflat Addons For Elementor
  The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in several widgets via URL parameters in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-4458
security@wordfence.com themesflat–Themesflat Addons For Elementor
  The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s widget’s titles in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-4459
security@wordfence.com themeum–Tutor LMS eLearning and online course solution
  The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.7.1 via the ‘attempt_delete’ function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Instructor-level access and above, to delete arbitrary quiz attempts. 2024-06-07 4.3 CVE-2024-5438
security@wordfence.com thimpress–LearnPress WordPress LMS Plugin
  The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.6.8 due to an incorrect implementation of the get_items_permissions_check function. This makes it possible for unauthenticated attackers to extract basic information about website users, including their email addresses. 2024-06-05 5.3 CVE-2024-5483
security@wordfence.com Tips and Tricks HQ–Stripe Payments
  Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Tips and Tricks HQ Stripe Payments allows Code Injection.This issue affects Stripe Payments: from n/a through 2.0.79. 2024-06-04 5.3 CVE-2023-48285
audit@patchstack.com TNB Mobile Solutions–Cockpit Software
  Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit Software allows Retrieve Embedded Sensitive Data.This issue affects Cockpit Software: before v0.251.1. 2024-06-05 5.3 CVE-2024-1272
iletisim@usom.gov.tr tobiasbg–TablePress Tables in WordPress made easy
  The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.3 via the get_files_to_import() function. This makes it possible for authenticated attackers, with author-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Due to the complex nature of protecting against DNS rebind attacks in WordPress software, we settled on the developer simply restricting the usage of the URL import functionality to just administrators. While this is not optimal, we feel this poses a minimal risk to most site owners and ideally WordPress core would correct this issue in wp_safe_remote_get() and other functions. 2024-06-07 6.4 CVE-2024-4354
security@wordfence.com Tomas Cordero–Safety Exit
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Tomas Cordero Safety Exit allows Stored XSS.This issue affects Safety Exit: from n/a through 1.7.0. 2024-06-03 5.9 CVE-2024-35640
audit@patchstack.com UAPP GROUP–Testimonial Carousel For Elementor
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in UAPP GROUP Testimonial Carousel For Elementor allows Stored XSS.This issue affects Testimonial Carousel For Elementor: from n/a through 10.1.1. 2024-06-08 6.5 CVE-2024-35713
audit@patchstack.com Unlimited Elements–Unlimited Elements For Elementor (Free Widgets, Addons, Templates)
  Missing Authorization vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates).This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.109. 2024-06-05 4.3 CVE-2024-35674
audit@patchstack.com victorfreitas–WPUpper Share Buttons
  The WPUpper Share Buttons plugin for WordPress is vulnerable to unauthorized access of data when preparing sharing links for posts and pages in all versions up to, and including, 3.43. This makes it possible for unauthenticated attackers to obtain the contents of password protected posts and pages. 2024-06-04 5.3 CVE-2024-4997
security@wordfence.com VideoWhisper–Picture Gallery
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in VideoWhisper Picture Gallery allows Stored XSS.This issue affects Picture Gallery: from n/a through 1.5.11. 2024-06-04 6.5 CVE-2024-34759
audit@patchstack.com visualcomposer — visual_composer_website_builder
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in visualcomposer.Com Visual Composer Website Builder allows Stored XSS.This issue affects Visual Composer Website Builder: from n/a through 45.8.0. 2024-06-04 5.4 CVE-2024-35653
audit@patchstack.com Volkswagen Group Charging GmbH – Elli, EVBox–ID Charger Connect & Pro
  An attacker with access to the private network the charger is connected to, or with local access to its Ethernet interface, can exploit a faulty implementation of the JWT library to bypass password authentication to the web configuration interface and then has the same access a legitimate user would have. The attacker does not, however, obtain developer or admin rights. The JWT library is misconfigured to accept the “none” algorithm, so the server treats an unsigned JWT as valid. A local, unauthenticated attacker can exploit this to bypass the authentication mechanism. 2024-06-06 6.3 CVE-2024-5684
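The “none”-algorithm bypass described in the CVE-2024-5684 entry above, as an added example that is neither the charger's firmware nor code from this page: a minimal HS256 JWT verifier written two ways. The secret, the claims and the forged token are constructed for the demonstration. The vulnerable verifier dispatches on the alg value the token itself carries, so a token whose header says none and whose signature segment is empty is accepted; the hardened verifier pins the algorithm server-side and rejects anything else before it looks at a single claim.

```php
<?php
// Added example, not the charger's firmware: a minimal HS256 JWT verifier, first
// dispatching on the token's own "alg" (the misconfiguration the advisory
// describes) and then with the algorithm pinned server-side.

function b64url_encode(string $raw): string {
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}

function b64url_decode(string $s): string {
    $pad = strlen($s) % 4;
    if ($pad !== 0) {
        $s .= str_repeat('=', 4 - $pad);
    }
    $raw = base64_decode(strtr($s, '-_', '+/'), true);
    return $raw === false ? '' : $raw;
}

function jwt_claims(string $payload_segment): ?array {
    $claims = json_decode(b64url_decode($payload_segment), true);
    return is_array($claims) ? $claims : null;
}

function jwt_sign_hs256(array $claims, string $key): string {
    $h = b64url_encode(json_encode(['alg' => 'HS256', 'typ' => 'JWT']));
    $p = b64url_encode(json_encode($claims));
    return "$h.$p." . b64url_encode(hash_hmac('sha256', "$h.$p", $key, true));
}

// VULNERABLE: the token chooses its own algorithm, so "none" means "unsigned is fine".
function jwt_verify_insecure(string $token, string $key): ?array {
    $parts = explode('.', $token);
    if (count($parts) !== 3) {
        return null;
    }
    [$h, $p, $s] = $parts;
    $header = json_decode(b64url_decode($h), true);
    switch (is_array($header) ? ($header['alg'] ?? '') : '') {
        case 'none':
            return jwt_claims($p);                 // the signature segment is never looked at
        case 'HS256':
            $expected = b64url_encode(hash_hmac('sha256', "$h.$p", $key, true));
            return hash_equals($expected, $s) ? jwt_claims($p) : null;
        default:
            return null;
    }
}

// HARDENED: the algorithm is a server-side constant. The header may only agree
// with it, and the signature is checked before any claim is read.
function jwt_verify_hs256(string $token, string $key): ?array {
    $parts = explode('.', $token);
    if (count($parts) !== 3) {
        return null;
    }
    [$h, $p, $s] = $parts;
    $header = json_decode(b64url_decode($h), true);
    if (!is_array($header) || ($header['alg'] ?? null) !== 'HS256') {
        return null;
    }
    $expected = b64url_encode(hash_hmac('sha256', "$h.$p", $key, true));
    if ($s === '' || !hash_equals($expected, $s)) {
        return null;
    }
    return jwt_claims($p);
}

// Constructed server secret and a forged token: alg "none", empty signature segment.
$key    = 'constructed-server-secret';
$forged = b64url_encode(json_encode(['alg' => 'none', 'typ' => 'JWT'])) . '.'
        . b64url_encode(json_encode(['sub' => 'user', 'role' => 'admin'])) . '.';
$legit  = jwt_sign_hs256(['sub' => 'user', 'role' => 'user'], $key);

var_dump(jwt_verify_insecure($forged, $key));
var_dump(jwt_verify_hs256($forged, $key));
var_dump(jwt_verify_hs256($legit, $key));
```

With the first verifier the forged token comes back as a claim set, which is the authentication bypass; the second returns null for it and still accepts the legitimately signed token. The same rule applies when a library does the work: pass the single expected algorithm to the verify call rather than letting the token's header select it, and treat an empty or absent signature segment as a failure, not as a token with nothing to check.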
cve@asrg.io vollstart — event_tickets_with_ticket_scanner
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Saso Nikolov Event Tickets with Ticket Scanner allows Reflected XSS.This issue affects Event Tickets with Ticket Scanner: from n/a through 2.3.1. 2024-06-04 6.1 CVE-2024-35652
audit@patchstack.com Vsourz Digital–Responsive Slick Slider WordPress
  Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Vsourz Digital Responsive Slick Slider WordPress allows Code Injection.This issue affects Responsive Slick Slider WordPress: from n/a through 1.4. 2024-06-04 6.5 CVE-2023-49852
audit@patchstack.com wbcomdesigns–Wbcom Designs Custom Font Uploader
  The Wbcom Designs – Custom Font Uploader plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ‘cfu_delete_customfont’ function in all versions up to, and including, 2.3.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete any custom font. 2024-06-06 4.3 CVE-2024-5489
security@wordfence.com wcmp–MultiVendorX Marketplace WooCommerce MultiVendor Marketplace Solution
  The MultiVendorX Marketplace – WooCommerce MultiVendor Marketplace Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hover_animation’ parameter in all versions up to, and including, 4.1.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-5259
security@wordfence.com web-audimex — audimexee
  Cross Site Scripting vulnerability in audimex audimexEE v15.1.2, fixed in 15.1.3.9, allows a remote attacker to inject arbitrary web script via the service, method, widget_type, request_id and payload parameters. 2024-06-04 5.4 CVE-2024-30889
cve@mitre.org WebFactory Ltd–Captcha Code
  Improper Restriction of Excessive Authentication Attempts vulnerability in WebFactory Ltd Captcha Code allows Functionality Bypass.This issue affects Captcha Code: from n/a through 2.9. 2024-06-04 5.3 CVE-2023-48745
audit@patchstack.com webfactory–Minimal Coming Soon Coming Soon Page
  The Minimal Coming Soon – Coming Soon Page plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the validate_ajax, deactivate_ajax, and save_ajax functions in all versions up to, and including, 2.38. This makes it possible for authenticated attackers, with Subscriber-level access and above, to edit the license key, which could disable features of the plugin. 2024-06-08 6.3 CVE-2024-5087
security@wordfence.com webfactory–WP Force SSL & HTTPS SSL Redirect
  The WP Force SSL & HTTPS SSL Redirect plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘ajax_save_setting’ function in versions up to, and including, 1.66. This makes it possible for authenticated attackers, subscriber-level permissions and above, to update the plugin settings. 2024-06-08 4.2 CVE-2024-5770
security@wordfence.com webfactory–WP Reset Most Advanced WordPress Reset Tool
  The WP Reset plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_ajax function in all versions up to, and including, 2.02. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify the value of the ‘License Key’ field for the ‘Activate Pro License’ setting. 2024-06-08 4.3 CVE-2024-4661
security@wordfence.com Webliberty–Simple Spoiler
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in Webliberty Simple Spoiler allows Stored XSS.This issue affects Simple Spoiler: from n/a through 1.2. 2024-06-03 5.9 CVE-2024-35639
audit@patchstack.com westerndeal–CF7 Google Sheets Connector
  The CF7 Google Sheets Connector plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ‘execute_post_data_cg7_free’ function in all versions up to, and including, 5.0.9. This makes it possible for unauthenticated attackers to toggle site configuration settings, including WP_DEBUG, WP_DEBUG_LOG, SCRIPT_DEBUG, and SAVEQUERIES. 2024-06-08 6.5 CVE-2024-5654
security@wordfence.com westguard–WS Form LITE Drag & Drop Contact Form Builder for WordPress
  The WS Form LITE plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.9.217. This allows unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system with a vulnerable configuration. 2024-06-07 4.7 CVE-2023-5424
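The CSV injection described in the CVE-2023-5424 entry above, as an added example that is not WS Form's code: a cell neutraliser applied to every exported field, shown beside the raw export. The form submissions are constructed; the first two name values are the kind of payload an unauthenticated visitor could submit through the public form and that a spreadsheet would evaluate when the export is opened.

```php
<?php
// Added example, not WS Form code. Neutralise every exported cell so a spreadsheet
// opening the file locally reads attacker-supplied form input as text, not formulas.

/**
 * A cell whose first character is = + - or @ is evaluated as a formula by Excel
 * and LibreOffice, and both strip leading whitespace, tabs and carriage returns
 * before that test, so strip them here as well before looking. Prefixing a single
 * quote forces text mode; fputcsv() still handles quoting and embedded delimiters.
 */
function csv_neutralise(string $value): string {
    $lead = ltrim($value, " \t\r\n");
    if ($lead !== '' && strpos('=+-@', $lead[0]) !== false) {
        return "'" . $value;
    }
    return $value;
}

/** Rows are arrays of header => value. Header names come from the form definition, not visitors. */
function export_csv(array $rows, bool $harden): string {
    $fh = fopen('php://temp', 'r+');
    if ($rows !== []) {
        fputcsv($fh, array_keys($rows[0]));
    }
    foreach ($rows as $row) {
        $cells = array_map('strval', array_values($row));
        fputcsv($fh, $harden ? array_map('csv_neutralise', $cells) : $cells);
    }
    rewind($fh);
    $csv = (string) stream_get_contents($fh);
    fclose($fh);
    return $csv;
}

// Constructed submissions; the first two "name" values are the kind of payload an
// unauthenticated visitor could submit through the public form.
$submissions = [
    ['name' => "=cmd|' /C calc'!A0",             'email' => 'a@example.com'],
    ['name' => "\t@SUM(1+1)*cmd|' /C calc'!A0",  'email' => 'b@example.com'],   // tab hides the trigger from naive checks
    ['name' => '-5 degrees outside',             'email' => 'c@example.com'],   // benign, still a formula trigger
    ['name' => 'Jane Doe',                       'email' => 'jane@example.com'],
];

echo export_csv($submissions, false), "---\n", export_csv($submissions, true);
```

The price of the quote prefix is that legitimate values such as phone numbers written with a leading plus or negative amounts are imported as text rather than numbers; that is the accepted trade-off, because the export is consumed by whatever spreadsheet the site owner happens to open it in and the plugin cannot know its settings. Neutralising at export time rather than at submission time keeps the stored data intact for other consumers.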
security@wordfence.com willnorris–Open Graph
  The Open Graph plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.2 via the ‘opengraph_default_description’ function. This makes it possible for unauthenticated attackers to extract sensitive data including partial content of password-protected blog posts. 2024-06-06 5.3 CVE-2024-5615
security@wordfence.com wordpresschef–Salon Booking System
  The Salon booking system plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on several functions hooked into admin_init in all versions up to, and including, 9.9. This makes it possible for authenticated attackers with subscriber access or higher to modify plugin settings and view discount codes intended for other users. 2024-06-08 4.3 CVE-2024-4468
security@wordfence.com Wow-Company–Woocommerce Recent Purchases
  Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Wow-Company Woocommerce – Recent Purchases allows PHP Local File Inclusion.This issue affects Woocommerce – Recent Purchases: from n/a through 1.0.1. 2024-06-04 4.9 CVE-2024-35634
audit@patchstack.com WP Darko–Responsive Tabs
  Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WP Darko Responsive Tabs allows Code Injection.This issue affects Responsive Tabs: from n/a before 4.0.6. 2024-06-04 5.4 CVE-2023-45635
audit@patchstack.com WP Discussion Board–Discussion Board
  Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WP Discussion Board Discussion Board allows Content Spoofing, Cross-Site Scripting (XSS).This issue affects Discussion Board: from n/a through 2.4.8. 2024-06-04 5.4 CVE-2023-39161
audit@patchstack.com WP Hait–Post Grid Elementor Addon
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in WP Hait Post Grid Elementor Addon allows Stored XSS.This issue affects Post Grid Elementor Addon: from n/a through 2.0.16. 2024-06-03 6.5 CVE-2024-34789
audit@patchstack.com WP Moose–Kenta Gutenberg Blocks Responsive Blocks and block templates library for Gutenberg Editor
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in WP Moose Kenta Gutenberg Blocks Responsive Blocks and block templates library for Gutenberg Editor allows Stored XSS.This issue affects Kenta Gutenberg Blocks Responsive Blocks and block templates library for Gutenberg Editor: from n/a through 1.3.9. 2024-06-08 6.5 CVE-2024-35731
audit@patchstack.com wpbean–WPB Elementor Addons
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in wpbean WPB Elementor Addons allows Stored XSS.This issue affects WPB Elementor Addons: from n/a through 1.0.9. 2024-06-03 6.5 CVE-2024-34791
audit@patchstack.com WPBlockArt–BlockArt Blocks
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in WPBlockArt BlockArt Blocks allows Stored XSS.This issue affects BlockArt Blocks: from n/a through 2.1.5. 2024-06-08 6.5 CVE-2024-35704
audit@patchstack.com wpchill–Strong Testimonials
  The Strong Testimonials plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the wpmtst_save_view_sticky function in all versions up to, and including, 3.1.12. This makes it possible for authenticated attackers, with contributor access and above, to modify favorite views. 2024-06-07 4.3 CVE-2023-6491
security@wordfence.com WPDeveloper–Essential Addons for Elementor
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in WPDeveloper Essential Addons for Elementor allows Stored XSS.This issue affects Essential Addons for Elementor: from n/a through 5.9.15. 2024-06-03 6.5 CVE-2024-34764
audit@patchstack.com wpdevteam–EmbedPress Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor
  The EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ attribute within the plugin’s EmbedPress PDF widget in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-05 6.4 CVE-2024-5571
security@wordfence.com wpdevteam–Essential Addons for Elementor Best Elementor Templates, Widgets, Kits & WooCommerce Builders
  The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘get_manual_calendar_events’ function in all versions up to, and including, 5.9.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-5188
security@wordfence.com wpecommerce–Recurring PayPal Donations
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in wpecommerce Recurring PayPal Donations allows Stored XSS.This issue affects Recurring PayPal Donations: from n/a through 1.7. 2024-06-08 6.5 CVE-2024-35676
audit@patchstack.com WPManageNinja LLC–Ninja Tables
  Server-Side Request Forgery (SSRF) vulnerability in WPManageNinja LLC Ninja Tables.This issue affects Ninja Tables: from n/a through 5.0.9. 2024-06-03 4.4 CVE-2024-35635
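The DNS-rebinding problem the TablePress entry (CVE-2024-4354) raises, and the SSRF class the Ninja Tables entry (CVE-2024-35635) falls into, as an added example that is code from neither plugin: resolve the user-supplied host once, refuse if any returned address is private or reserved, and pin the connection to the address that was checked so no second lookup can happen between the check and the request. The host names, addresses and resolver table are constructed so the checks run offline; safe_fetch() is the production shape of the same idea using cURL's CURLOPT_RESOLVE.

```php
<?php
// Added example, not TablePress or Ninja Tables code. Resolve once, validate every
// address, then pin the connection to the validated address so no second lookup
// (the rebinding step) can happen between the check and the request.

function is_public_ip(string $ip): bool {
    // IPv4-mapped IPv6 (::ffff:127.0.0.1) would slip past the range flags below,
    // so treat the form itself as hostile.
    if (stripos($ip, '::ffff:') === 0) {
        return false;
    }
    $ok = filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE);
    return $ok !== false;
}

/**
 * Resolve $host with $resolve (callable(string): string[]) and return one public
 * address to pin the connection to, or null. Refusing when ANY returned record is
 * private defeats a zone that answers "public, private, public, ..." in turn.
 */
function ssrf_pick_public_ip(string $host, callable $resolve): ?string {
    if (filter_var($host, FILTER_VALIDATE_IP) !== false) {   // literal IP, no DNS involved
        return is_public_ip($host) ? $host : null;
    }
    $addresses = $resolve($host);
    if ($addresses === []) {
        return null;
    }
    foreach ($addresses as $ip) {
        if (!is_public_ip($ip)) {
            return null;
        }
    }
    return $addresses[0];
}

/** Validate a user-supplied import URL and fetch it with the checked address pinned. */
function safe_fetch(string $url, callable $resolve): ?string {
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null;
    }
    $scheme = strtolower($parts['scheme']);
    if (!in_array($scheme, ['http', 'https'], true)) {
        return null;
    }
    $ip = ssrf_pick_public_ip($parts['host'], $resolve);
    if ($ip === null) {
        return null;
    }
    $port = $parts['port'] ?? ($scheme === 'https' ? 443 : 80);

    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        // host:port is pre-bound to the validated address, so cURL does no lookup of
        // its own; the Host header and the TLS name check still use the original name.
        CURLOPT_RESOLVE        => ["{$parts['host']}:{$port}:{$ip}"],
        // Each redirect would be a fresh, unchecked lookup: do not follow them.
        CURLOPT_FOLLOWLOCATION => false,
        CURLOPT_PROTOCOLS      => CURLPROTO_HTTP | CURLPROTO_HTTPS,
        CURLOPT_CONNECTTIMEOUT => 5,
        CURLOPT_TIMEOUT        => 10,
    ]);
    $body = curl_exec($ch);
    curl_close($ch);
    return $body === false ? null : $body;
}

// Constructed resolver standing in for DNS so the checks run offline.
$fake_dns = function (string $host): array {
    $table = [
        'www.example.com' => ['93.184.216.34'],
        'intranet.local'  => ['10.0.0.5'],
        'rebind.attacker' => ['93.184.216.34', '127.0.0.1'],   // attacker-controlled zone
    ];
    return $table[$host] ?? [];
};

foreach (['www.example.com', 'intranet.local', 'rebind.attacker', '169.254.169.254', '::ffff:127.0.0.1'] as $host) {
    printf("%-20s %s\n", $host, ssrf_pick_public_ip($host, $fake_dns) ?? 'refused');
}
```

Only www.example.com yields an address; the intranet host, the rebinding zone, the link-local metadata address and the mapped loopback address are all refused. Checking the resolved addresses rather than the URL string is what catches encoded hosts (decimal, octal, IPv4-mapped) as well as the zone that answers with a public address on one lookup and 127.0.0.1 on the next. In production pass a real resolver, for instance one built on gethostbynamel() plus dns_get_record() with DNS_AAAA if the site speaks IPv6, and keep the redirect refusal: following a redirect would hand the decision back to an unchecked lookup, which is the gap the TablePress advisory notes in wp_safe_remote_get().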
audit@patchstack.com WPMU DEV–Branda
  Authentication Bypass by Spoofing vulnerability in WPMU DEV Branda allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Branda: from n/a through 3.4.14. 2024-06-04 5.3 CVE-2023-51542
audit@patchstack.com WPMU DEV–Defender Security
  Improper Authentication vulnerability in WPMU DEV Defender Security allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Defender Security: from n/a through 4.2.0. 2024-06-04 5.3 CVE-2023-47189
audit@patchstack.com wponlinesupport–Album and Image Gallery plus Lightbox
  The Album and Image Gallery plus Lightbox plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. 2024-06-06 6.5 CVE-2024-4194
security@wordfence.com WPPlugins WordPress Security Plugins–Hide My WP Ghost
  Improper Restriction of Excessive Authentication Attempts vulnerability in WPPlugins – WordPress Security Plugins Hide My WP Ghost allows Functionality Bypass.This issue affects Hide My WP Ghost: from n/a through 5.0.25. 2024-06-04 5.3 CVE-2023-34001
audit@patchstack.com wppool–WP Dark Mode WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing
  The WP Dark Mode – WordPress Dark Mode Plugin for Improved Accessibility, Dark Theme, Night Mode, and Social Sharing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdm_social_share_save_options function in all versions up to, and including, 5.0.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the plugin’s settings. 2024-06-06 4.3 CVE-2024-5449
security@wordfence.com wppost–WP-Recall Registration, Profile, Commerce & More
  The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ‘delete_payment’ function in all versions up to, and including, 16.26.6. This makes it possible for unauthenticated attackers to delete arbitrary payments. 2024-06-06 5.3 CVE-2024-1175
security@wordfence.com wproyal–Royal Elementor Addons and Templates
  The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘inline_list’ parameter in versions up to, and including, 1.3.976 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-07 6.4 CVE-2024-4488
security@wordfence.com wproyal–Royal Elementor Addons and Templates
  The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘custom_upload_mimes’ function in versions up to, and including, 1.3.976 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-07 6.4 CVE-2024-4489
security@wordfence.com wpvivid — wpvivid_backup_for_mainwp
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in WPvivid Team WPvivid Backup for MainWP allows Reflected XSS.This issue affects WPvivid Backup for MainWP: from n/a through 0.9.32. 2024-06-04 6.1 CVE-2024-35664
audit@patchstack.com wpweaver–Weaver Xtreme Theme Support
  The Weaver Xtreme Theme Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s div shortcode in all versions up to, and including, 6.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-05 6.4 CVE-2024-4939
security@wordfence.com wpxpo–Post Grid Gutenberg Blocks and WordPress Blog Plugin PostX
  The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the filterMobileText parameter in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-08 6.4 CVE-2024-5758
security@wordfence.com Xabier Miranda–WP Back Button
  Cross Site Scripting (XSS) vulnerability in Xabier Miranda WP Back Button allows Stored XSS.This issue affects WP Back Button: from n/a through 1.1.3. 2024-06-03 5.9 CVE-2024-35643
audit@patchstack.com xootix–Login/Signup Popup ( Inline Form + Woocommerce )
  The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ‘export_settings’ function in versions 2.7.1 to 2.7.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read arbitrary options on affected sites. 2024-06-06 4.3 CVE-2024-5665
security@wordfence.com YITH–YITH Custom Login
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in YITH YITH Custom Login allows Stored XSS.This issue affects YITH Custom Login: from n/a through 1.7.0. 2024-06-08 5.9 CVE-2024-35732
audit@patchstack.com YITH–YITH WooCommerce Tab Manager
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in YITH YITH WooCommerce Tab Manager allows Stored XSS.This issue affects YITH WooCommerce Tab Manager: from n/a through 1.35.0. 2024-06-08 5.9 CVE-2024-35698
audit@patchstack.com YITH–YITH WooCommerce Wishlist
  Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in YITH YITH WooCommerce Wishlist allows Stored XSS.This issue affects YITH WooCommerce Wishlist: from n/a through 3.32.0. 2024-06-03 5.9 CVE-2024-34385
audit@patchstack.com yonifre–Maspik Spam blacklist
  Authentication Bypass by Spoofing vulnerability in yonifre Maspik – Spam blacklist allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Maspik – Spam blacklist: from n/a through 0.10.3. 2024-06-04 5.3 CVE-2023-48271
audit@patchstack.com zhuyi–BuddyPress Members Only
  The BuddyPress Members Only plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.5 via the REST API. This makes it possible for unauthenticated attackers to bypass the plugin’s “All Other Sections On Your Site Will be Opened to Guest” feature (when unset) and view restricted page and post content. 2024-06-06 5.3 CVE-2024-0972
security@wordfence.com zootemplate–Clever Addons for Elementor
  The Clever Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the CAFE Icon, CAFE Team Member, and CAFE Slider widgets in all versions up to, and including, 2.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 2024-06-06 6.4 CVE-2024-2350
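The stored-XSS pattern that runs through the shortcode and Elementor-widget entries above (the Weaver Xtreme div shortcode in CVE-2024-4939, the Clever Addons widgets in CVE-2024-2350, and the Themesflat, Royal Elementor and PostX entries), as an added example that is code from none of those plugins: a hypothetical [xbox] shortcode taking the same kind of free-form attributes, first as the advisories describe it and then with one escaping function per output context. It runs inside WordPress (esc_attr, esc_url, esc_html, sanitize_html_class and wp_kses_post are core functions); the shortcode name, attribute names and the contributor payload are invented for the example.

```php
<?php
// Added example, not code from Weaver Xtreme, Clever Addons or any plugin above.
// Hypothetical [xbox] shortcode; runs inside WordPress.

// Constructed contributor payload that the vulnerable handler renders verbatim:
// [xbox id='x" onmouseover="alert(1)' link='javascript:alert(document.cookie)' title='<img src=x onerror=alert(1)>']

const XBOX_DEFAULTS = ['id' => '', 'class' => '', 'link' => '#', 'title' => ''];

// VULNERABLE: attribute values are concatenated straight into markup. Contributors
// may save shortcodes but lack the unfiltered_html capability, so this output path
// hands them exactly what the capability system withholds.
function xbox_shortcode_vulnerable($atts, $content = null) {
    $a = shortcode_atts(XBOX_DEFAULTS, $atts, 'xbox');
    return '<div id="' . $a['id'] . '" class="xbox ' . $a['class'] . '">'
         . '<a href="' . $a['link'] . '">' . $a['title'] . '</a>'
         . do_shortcode($content) . '</div>';
}

// HARDENED: one escaping or sanitising function per output context.
function xbox_shortcode_hardened($atts, $content = null) {
    $a = shortcode_atts(XBOX_DEFAULTS, $atts, 'xbox');
    // sanitize_html_class() keeps only [A-Za-z0-9_-], so a closing quote followed
    // by an event handler cannot survive; esc_attr() then escapes for the attribute.
    $classes = implode(' ', array_map('sanitize_html_class', preg_split('/\s+/', $a['class'])));
    return '<div id="' . esc_attr(sanitize_html_class($a['id'])) . '" class="xbox ' . esc_attr($classes) . '">'
         // esc_url() drops javascript:, data: and every scheme not in wp_allowed_protocols()
         . '<a href="' . esc_url($a['link']) . '">' . esc_html($a['title']) . '</a>'
         // wp_kses_post() keeps the markup a post may contain and strips script and on* handlers
         . wp_kses_post(do_shortcode($content)) . '</div>';
}

add_shortcode('xbox', 'xbox_shortcode_hardened');
```

The point is the context, not the function count: an attribute value, a URL, text between tags and a block of nested HTML each need a different escaper, and a single sanitize_text_field() at save time covers none of the four on its own. Widget controls in Elementor-style builders are the same problem with a different input path; the settings array they hand the render method is contributor-supplied and must be escaped the same way at output.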
security@wordfence.com
ninjateam–GDPR CCPA Compliance & Cookie Consent Banner
  The GDPR CCPA Compliance & Cookie Consent Banner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions named ajaxUpdateSettings() in all versions up to, and including, 2.7.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify the plugin’s settings, update page content, send arbitrary emails and inject malicious web scripts. 2024-06-07 5.4 CVE-2024-5607
security@wordfence.com
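The missing-capability-check pattern behind the WooCommerce Tools, webfactory, CF7 Google Sheets Connector, Salon Booking, WP Dark Mode, WP-Recall, Login/Signup Popup and ninjateam entries above (CVE-2024-1689, CVE-2024-5087, CVE-2024-5770, CVE-2024-4661, CVE-2024-5654, CVE-2024-4468, CVE-2024-5449, CVE-2024-1175, CVE-2024-5665, CVE-2024-5607), as an added example that is code from none of them: a hypothetical plugin's AJAX settings handler, first with the defect the advisories describe and then fixed. It runs inside WordPress; the plugin name, option names, nonce action and license-key format are invented.

```php
<?php
// Added example, not code from any plugin listed above. Hypothetical "xsettings"
// plugin with one AJAX settings handler; runs inside WordPress. The two versions
// are shown side by side for comparison; a real plugin would register only one.

// VULNERABLE: reachable by any logged-in user through wp_ajax_, and by anyone at
// all through wp_ajax_nopriv_; no nonce, no capability check, raw $_POST stored.
add_action('wp_ajax_xsettings_save_v1',        'xsettings_save_vulnerable');
add_action('wp_ajax_nopriv_xsettings_save_v1', 'xsettings_save_vulnerable');
function xsettings_save_vulnerable() {
    update_option('xsettings_license_key', $_POST['license_key']);
    update_option('xsettings_debug',       $_POST['debug']);
    wp_send_json_success();
}

// HARDENED: no nopriv registration, then CSRF, authorization and validation in turn.
add_action('wp_ajax_xsettings_save', 'xsettings_save_hardened');
function xsettings_save_hardened() {
    // 1. CSRF: the request must carry the nonce the settings page rendered with
    //    wp_nonce_field('xsettings_save', '_xsettings_nonce'); this dies on mismatch.
    check_ajax_referer('xsettings_save', '_xsettings_nonce');

    // 2. Authorization: a nonce is not a permission check, and neither is being
    //    logged in. Only users who may manage options may change them.
    if (!current_user_can('manage_options')) {
        wp_send_json_error(['message' => 'Insufficient permissions'], 403);
    }

    // 3. Validation: unslash, sanitise, then whitelist each field before storing it.
    $key   = isset($_POST['license_key']) ? sanitize_text_field(wp_unslash($_POST['license_key'])) : '';
    $debug = isset($_POST['debug']) && $_POST['debug'] === '1';
    if ($key !== '' && !preg_match('/^[A-Z0-9-]{16,64}$/', $key)) {
        wp_send_json_error(['message' => 'Malformed license key'], 400);
    }

    update_option('xsettings_license_key', $key);
    update_option('xsettings_debug', $debug);
    wp_send_json_success(['saved' => true]);
}
```

Three separate checks are needed and none substitutes for another: the nonce proves the request came from a page the site rendered, current_user_can() proves the caller is allowed to perform this action (every wp_ajax_ handler already implies a login, so is_user_logged_in() adds nothing), and the whitelist keeps a malformed value out of the option. Registering the handler on wp_ajax_nopriv_ is how the CF7 Google Sheets Connector and WP-Recall defects become reachable with no account at all, and admin_init fires on every admin-ajax.php request, so a save routine hooked there, as in the Salon Booking entry, needs the same capability check. Where the action touches one specific object, as in the Tutor LMS quiz-attempt and WP-Recall payment deletions, add an ownership check on the object's author or owner field after the capability check; a read-only export such as the Login/Signup Popup entry needs the capability check just as much, since it is the data that is sensitive, not the write.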