Skip to main content
CVE-2024-4463 MEDIUM This Month

The Squelch Tabs and Accordions Shortcodes plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.4.7. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-4314 MEDIUM This Month

The Hostel plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-4103 MEDIUM This Month

The ADFO - Custom data in admin dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-4082 MEDIUM This Month

The Joli FAQ SEO - WordPress FAQ Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-4312 MEDIUM This Month

The Soccer Engine - Soccer Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.12. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-4766 MEDIUM This Month

Different techniques existed to obscure the fullscreen notification in Firefox for Android. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Mozilla Firefox
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-4139 MEDIUM This Month

Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-4138 MEDIUM This Month

Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-33004 MEDIUM PATCH This Month

SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity.

Information Disclosure SAP Businessobjects Business Intelligence Platform
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-4317 MEDIUM POC This Month

Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an unprivileged database user to read most common values and other statistics from CREATE STATISTICS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass PostgreSQL
NVD GitHub
CVSS 3.1
4.3
EPSS
0.7%
CVE-2024-28760 MEDIUM PATCH This Month

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 dashboard is vulnerable to a denial of service due to improper restrictions of resource allocation. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

IBM Denial Of Service App Connect Enterprise
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2024-28759 MEDIUM This Month

A crafted network packet may cause a buffer overrun in Wind River VxWorks 7 through 23.09. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-33009 MEDIUM This Month

SAP Global Label Management is vulnerable to SQL injection. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.

SQLi SAP
NVD
CVSS 3.1
4.2
EPSS
0.3%
CVE-2024-30048 MEDIUM This Month

Dynamics 365 Customer Insights Spoofing Vulnerability. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dynamics 365 Customer Insights
NVD
CVSS 3.1
4.1
EPSS
1.0%
CVE-2024-30047 MEDIUM This Month

Dynamics 365 Customer Insights Spoofing Vulnerability. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dynamics 365 Customer Insights
NVD
CVSS 3.1
4.1
EPSS
1.0%
Prev Page 9 of 9

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy