Skip to main content
CVE-2024-3813 HIGH This Week

The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8 via the 'td_block_title' shortcode 'block_template_id' attribute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress PHP RCE LFI Information Disclosure +1
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2023-6696 HIGH PATCH This Week

The Popup Builder - Create highly converting, mobile friendly marketing popups. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass WordPress SSRF Popup Builder
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-6000 HIGH This Week

The FooEvents for WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary file uploads due to an improper capability setting on the 'display_ticket_themes_page' function in versions. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

RCE WordPress Authentication Bypass
NVD
CVSS 3.1
7.1
EPSS
3.7%
CVE-2024-27275 HIGH This Week

IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an insufficient authority requirement. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

IBM Privilege Escalation
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-2544 HIGH PATCH This Week

The Popup Builder plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on all AJAX actions. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

WordPress Authentication Bypass XSS Popup Builder
NVD
CVSS 3.1
7.4
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy