Skip to main content
CVE-2024-3087 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Emergency Ambulance Hiring Portal
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-3085 CRITICAL POC Act Now

A vulnerability classified as critical has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Emergency Ambulance Hiring Portal
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-1522 HIGH POC PATCH This Week

A Cross-Site Request Forgery (CSRF) vulnerability in the parisneo/lollms-webui project allows remote attackers to execute arbitrary code on a victim's system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE CSRF Lollms Web Ui
NVD GitHub
CVSS 3.0
8.8
EPSS
0.4%
CVE-2024-3088 HIGH POC This Week

A vulnerability, which was classified as critical, was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Emergency Ambulance Hiring Portal
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.8%
CVE-2024-2086 CRITICAL Act Now

The Integrate Google Drive - Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google WordPress Authentication Bypass
NVD VulDB
CVSS 3.1
10.0
EPSS
0.7%
CVE-2024-3086 MEDIUM POC This Month

A vulnerability classified as problematic was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Emergency Ambulance Hiring Portal
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.7%
CVE-2024-3084 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Emergency Ambulance Hiring Portal
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.7%
CVE-2024-28288 CRITICAL Act Now

Ruijie RG-NBR700GW 10.3(4b12) router lacks cookie verification when resetting the password, resulting in an administrator password reset vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rg Nbr700Gw Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-3091 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Emergency Ambulance Hiring Portal
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.5%
CVE-2024-2047 HIGH PATCH This Week

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.0.6 via the render_raw function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

WordPress PHP RCE LFI Information Disclosure +2
NVD VulDB
CVSS 3.1
8.8
EPSS
1.6%
CVE-2024-3018 HIGH PATCH This Week

The Essential Addons for Elementor plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.9.13 via deserialization of untrusted input from the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

PHP Deserialization WordPress Information Disclosure Essential Addons For Elementor +1
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2024-3090 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0 and classified as problematic.php of the component Add Ambulance Page. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Emergency Ambulance Hiring Portal
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.6%
CVE-2024-3089 MEDIUM POC This Month

A vulnerability has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0 and classified as problematic. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Emergency Ambulance Hiring Portal
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-29278 MEDIUM This Month

funboot v1.1 is vulnerable to Cross Site Scripting (XSS) via the title field in "create a message .". Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-2948 MEDIUM This Month

The Favorites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'user_favorites' shortcode in all versions up to, and including, 2.3.3 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress
NVD VulDB
CVSS 3.1
6.4
EPSS
0.2%
CVE-2024-2794 MEDIUM This Month

The Gutenberg Block Editor Toolkit - EditorsKit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'editorskit' shortcode in all versions up to, and including, 1.40.4. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress
NVD VulDB
CVSS 3.1
6.4
EPSS
0.2%
CVE-2024-1238 MEDIUM PATCH This Month

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the button ID parameter in all versions up to, and including, 3.0.6 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Elements Kit Elementor Addons Elementor
NVD VulDB
CVSS 3.1
6.4
EPSS
0.2%
CVE-2024-2141 MEDIUM PATCH This Month

The Ultimate Addons for Beaver Builder - Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Button widget in all versions up to, and including, 1.5.7 due to insufficient. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Ultimate Addons For Beaver Builder
NVD VulDB
CVSS 3.1
6.4
EPSS
0.1%
CVE-2024-2144 MEDIUM PATCH This Month

The Ultimate Addons for Beaver Builder - Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Separator widget in all versions up to, and including, 1.5.7 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Ultimate Addons For Beaver Builder
NVD VulDB
CVSS 3.1
6.4
EPSS
0.1%
CVE-2024-2142 MEDIUM PATCH This Month

The Ultimate Addons for Beaver Builder - Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Info Table widget in all versions up to, and including, 1.5.7 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Ultimate Addons For Beaver Builder
NVD VulDB
CVSS 3.1
6.4
EPSS
0.1%
CVE-2024-0367 MEDIUM This Month

The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the link field of an installed widget (e.g., 'Button Link') in all versions up to, and. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Unlimited Elements For Elementor Elementor
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2024-2491 MEDIUM PATCH This Month

The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the *_html_tag* attribute of multiple widgets in all versions up to, and including, 2.7.17 due. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Powerpack Addons For Elementor Elementor
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2024-2143 MEDIUM PATCH This Month

The Ultimate Addons for Beaver Builder - Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Heading widget in all versions up to, and including, 1.5.7 due to insufficient. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Ultimate Addons For Beaver Builder
NVD VulDB
CVSS 3.1
6.4
EPSS
0.1%
CVE-2024-2140 MEDIUM PATCH This Month

The Ultimate Addons for Beaver Builder - Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Advanced Icons widget in all versions up to, and including, 1.5.7 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Ultimate Addons For Beaver Builder
NVD VulDB
CVSS 3.1
6.4
EPSS
0.1%
CVE-2024-1051 MEDIUM This Month

The List category posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'catlist' shortcode in all versions up to, and including, 0.89.6 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress
NVD VulDB
CVSS 3.1
6.4
EPSS
0.1%
CVE-2024-1692 MEDIUM This Month

The BoldGrid Easy SEO - Simple and Effective SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the meta description field in all versions up to, and including, 1.6.13 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS
NVD VulDB
CVSS 3.1
6.4
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy