Skip to main content
CVE-2024-35223 MEDIUM PATCH This Month

Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-5241 MEDIUM This Month

A vulnerability was found in Huashi Private Cloud CDN Live Streaming Acceleration Server up to 20240520. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Command Injection
NVD VulDB GitHub
CVSS 4.0
5.1
EPSS
1.9%
CVE-2023-6844 MEDIUM This Month

The iframe plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to and including 5.0 due to insufficient input sanitization and output. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress
NVD
CVSS 3.1
5.0
EPSS
0.2%
CVE-2024-3065 MEDIUM This Month

The PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.7 due to. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

XSS WordPress
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2024-3626 MEDIUM This Month

The Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-3711 MEDIUM This Month

The Brizy - Page Builder plugin for WordPress is vulnerable to unauthorized plugin setting update due to a missing capability check on the functions action_request_disable, action_change_template,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Brizy
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-1803 MEDIUM PATCH This Month

The EmbedPress - Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress is vulnerable to unauthorized access of. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Google WordPress Authentication Bypass Embedpress
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-5244 MEDIUM This Month

TP-Link Omada ER605 Reliance on Security Through Obscurity Vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. No vendor patch available.

TP-Link RCE Omada Er605 Firmware
NVD
CVSS 3.1
4.2
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy