Skip to main content
CVE-2024-3823 LOW POC Monitor

The Base64 Encoder/Decoder WordPress plugin through 0.9.2 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS CSRF Base64 Encoderdecoder
NVD WPScan
CVSS 3.1
2.4
EPSS
0.2%
CVE-2024-3629 LOW POC Monitor

The HL Twitter WordPress plugin through 2014.1.18 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Hl Twitter
NVD WPScan
CVSS 3.1
2.4
EPSS
0.2%
CVE-2024-4976 LOW Monitor

Out-of-bounds array write in Xpdf 4.05 and earlier, due to missing object type check in AcroForm field reference. Rated low severity (CVSS 2.1), this vulnerability is no authentication required. No vendor patch available.

Buffer Overflow Memory Corruption Xpdf
NVD
CVSS 4.0
2.1
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy