Skip to main content
CVE-2024-5350 MEDIUM POC This Month

A vulnerability was found in anji-plus AJ-Report up to 1.4.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Aj Report
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.6%
CVE-2024-5229 MEDIUM PATCH This Month

The Primary Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Pricing Table widget in all versions up to, and including, 1.5.5 due to insufficient. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Primary Addon For Elementor Elementor
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2024-5220 MEDIUM PATCH This Month

The ND Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's upload feature in all versions up to, and including, 7.5 due to insufficient input sanitization. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Nd Shortcodes
NVD
CVSS 3.1
6.4
EPSS
0.3%
CVE-2024-5218 MEDIUM This Month

The Reviews and Rating - Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file upload feature in all versions up to, and including, 5.2 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google XSS WordPress File Upload
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2024-4045 MEDIUM PATCH This Month

The Popup Builder by OptinMonster - WordPress Popups for Optins, Email Newsletters and Lead Generation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘campaign_id’. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS WordPress Optinmonster
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2024-30056 MEDIUM This Month

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Google Microsoft Edge Chromium
NVD
CVSS 3.1
5.4
EPSS
1.6%
CVE-2024-4858 MEDIUM PATCH This Month

The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_testimonials_option_callback' function in. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

WordPress Authentication Bypass Testimonial Carousel For Elementor Elementor
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2024-5340 MEDIUM This Month

A vulnerability was found in Ruijie RG-UAC up to 20240516. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Command Injection Rg Uac 6000 E20C Firmware Rg Uac 6000 E20M Firmware Rg Uac 6000 E50 Firmware +24
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
7.9%
CVE-2024-5339 MEDIUM This Month

A vulnerability was found in Ruijie RG-UAC up to 20240516. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Command Injection Rg Uac 6000 Cc Firmware Rg Uac 6000 E10 Firmware Rg Uac 6000 E10C Firmware +24
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
7.9%
CVE-2024-5338 MEDIUM This Month

A vulnerability was found in Ruijie RG-UAC up to 20240516. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Command Injection Rg Uac 6000 Cc Firmware Rg Uac 6000 E10 Firmware Rg Uac 6000 E10C Firmware +24
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
7.9%
CVE-2024-5337 MEDIUM This Month

A vulnerability was found in Ruijie RG-UAC up to 20240516 and classified as critical.php. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Command Injection Rg Uac 6000 Cc Firmware Rg Uac 6000 E10 Firmware Rg Uac 6000 E10C Firmware +24
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
9.0%
CVE-2024-5336 MEDIUM This Month

A vulnerability has been found in Ruijie RG-UAC up to 20240516 and classified as critical. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Command Injection Rg Uac 6000 Cc Firmware Rg Uac 6000 E10 Firmware Rg Uac 6000 E10C Firmware +24
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
9.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy