Skip to main content
CVE-2024-5775 MEDIUM POC This Month

A vulnerability was found in SourceCodester Vehicle Management System 1.0 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Vehicle Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-5774 MEDIUM POC This Month

A vulnerability has been found in SourceCodester Stock Management System 1.0 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Stock Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.7%
CVE-2024-2408 MEDIUM POC This Month

The openssl_private_decrypt function in PHP, when using PKCS1 padding (OPENSSL_PKCS1_PADDING, which is the default), is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

PHP Information Disclosure OpenSSL Microsoft Fedora
NVD GitHub
CVSS 3.1
5.9
EPSS
1.2%
CVE-2024-5458 MEDIUM POC THREAT This Month

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Fedora
NVD GitHub
CVSS 3.1
5.3
EPSS
12.1%
CVE-2024-5773 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Application Security Gateway
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.7%
CVE-2024-5772 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in Netentsec NS-ASG Application Security Gateway 6.3.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Application Security Gateway
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.7%
CVE-2024-30534 MEDIUM This Month

Missing Authorization vulnerability in typps Calendarista Basic Edition calendarista-basic-edition.0.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-32805 MEDIUM This Month

Missing Authorization vulnerability in Social Snap.3.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-31307 MEDIUM This Month

Missing Authorization vulnerability in appscreo Easy Social Share Buttons.4. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
6.3
EPSS
0.3%
CVE-2024-31246 MEDIUM This Month

Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.2.3. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
5.4
EPSS
0.4%
CVE-2024-32824 MEDIUM This Month

Missing Authorization vulnerability in Evergreen Content Poster Evergreen Content Poster evergreen-content-poster.4.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
5.4
EPSS
0.2%
CVE-2024-30529 MEDIUM This Month

Missing Authorization vulnerability in tainacan Tainacan tainacan.20.7. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
5.3
EPSS
0.7%
CVE-2024-32797 MEDIUM This Month

Missing Authorization vulnerability in Martin Gibson WP LinkedIn Auto Publish.11. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-24716 MEDIUM This Month

Missing Authorization vulnerability in Awesome Support Team Awesome Support.1.6. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Awesome Support
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-32725 MEDIUM This Month

Missing Authorization vulnerability in Saleswonder Team: Tobias 5 Stars Rating Funnel 5-stars-rating-funnel.2.67. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-35748 MEDIUM This Month

Missing Authorization vulnerability in OPMC WooCommerce Dropshipping.0.4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Woocommerce Dropshipping
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-32727 MEDIUM This Month

Missing Authorization vulnerability in Rometheme RomethemeForm For Elementor.1.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-32820 MEDIUM This Month

Missing Authorization vulnerability in Social Share Pro Social Share Icons & Social Share Buttons.6.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-32814 MEDIUM This Month

Missing Authorization vulnerability in Zorem Advanced Local Pickup for WooCommerce.6.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-32813 MEDIUM This Month

Missing Authorization vulnerability in SoftLab Integrate Google Drive.3.9. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Google
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-32811 MEDIUM This Month

Insertion of Sensitive Information into Log File vulnerability in Octolize USPS Shipping for WooCommerce - Live Rates.9.4. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Information Disclosure
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-32798 MEDIUM This Month

Missing Authorization vulnerability in WP Travel Engine.8.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wp Travel Engine
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-32779 MEDIUM This Month

Missing Authorization vulnerability in Avirtum Vision Interactive.7.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-31274 MEDIUM This Month

Missing Authorization vulnerability in WPDeveloper EmbedPress.9.11. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Embedpress
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2024-37535 MEDIUM This Month

GNOME VTE before 0.76.3 allows an attacker to cause a denial of service (memory consumption) via a window resize escape sequence, a related issue to CVE-2000-0476. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-31261 MEDIUM This Month

Missing Authorization vulnerability in Aakash Chakravarthy Announcer - Notification & message bars.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Announcer
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-32701 MEDIUM This Month

Missing Authorization vulnerability in InstaWP InstaWP Connect instawp-connect.1.0.24. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-31359 MEDIUM This Month

Missing Authorization vulnerability in Premmerce Premmerce Product Filter for WooCommerce premmerce-woocommerce-product-filter.7.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-33572 MEDIUM This Month

Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor.2.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-32784 MEDIUM This Month

Missing Authorization vulnerability in CookieHub.1.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-32792 MEDIUM This Month

Missing Authorization vulnerability in WPMU DEV - Your All-in-One WordPress Platform Hummingbird hummingbird-performance.7.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-31347 MEDIUM This Month

Missing Authorization vulnerability in Data443 Tracking Code Manager.1.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-32821 MEDIUM This Month

Missing Authorization vulnerability in TotalSuite Total Poll Lite.9.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-32804 MEDIUM This Month

Missing Authorization vulnerability in Martin Gibson WP GoToWebinar.46. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2024-32787 MEDIUM This Month

Missing Authorization vulnerability in Copy Content Protection Team Secure Copy Content Protection and Content Locking.7.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-32783 MEDIUM This Month

Missing Authorization vulnerability in wpcreativeidea Advanced Testimonial Carousel for Elementor.0.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-33564 MEDIUM This Month

Missing Authorization vulnerability in 8theme XStore.3.8. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Xstore
NVD
CVSS 3.1
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy