Total
839 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-10688 | 2024-11-12 | N/A | 4.3 MEDIUM | ||
| The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.2 via the 'attesa-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to. | |||||
| CVE-2024-9262 | 2024-11-12 | N/A | 6.5 MEDIUM | ||
| The User Meta – User Profile Builder and User management plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.1 via the getUser() due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Contributor-level access and above, to obtain user meta values from form fields. Please note that this requires a site administrator to create a form that displays potentially sensitive information like password hashes. This may also be exploited by unauthenticated users if the 'user-meta-public-profile' shortcode is used insecurely. | |||||
| CVE-2024-43438 | 2024-11-08 | N/A | 7.5 HIGH | ||
| A flaw was found in Feedback. Bulk messaging in the activity's non-respondents report did not verify message recipients belonging to the set of users returned by the report. | |||||
| CVE-2024-10452 | 1 Grafana | 1 Grafana | 2024-11-08 | N/A | 2.7 LOW |
| Organization admins can delete pending invites created in an organization they are not part of. | |||||
| CVE-2024-48217 | 2024-11-05 | N/A | 8.8 HIGH | ||
| An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART v7.4.0 allows attackers to execute a horizontal-privilege escalation. | |||||
| CVE-2024-10654 | 2024-11-05 | 5.0 MEDIUM | 5.3 MEDIUM | ||
| A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /formLoginAuth.htm. The manipulation of the argument authCode with the input 1 leads to authorization bypass. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 9.3.5u.6698_B20230810 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2024-7473 | 1 Lunary | 1 Lunary | 2024-11-03 | N/A | 6.5 MEDIUM |
| An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in lunary-ai/lunary versions 1.3.2. This vulnerability allows an authenticated user to update other users' prompts by manipulating the 'id' parameter in the request. The issue is fixed in version 1.4.3. | |||||
| CVE-2024-50483 | 1 Tareqhasan | 1 Meetup | 2024-10-31 | N/A | 9.8 CRITICAL |
| Authorization Bypass Through User-Controlled Key vulnerability in Meetup allows Privilege Escalation.This issue affects Meetup: from n/a through 0.1. | |||||
| CVE-2024-10439 | 1 Sun.net | 1 Ehdr Ctms | 2024-10-31 | N/A | 7.5 HIGH |
| The eHRD CTMS from Sunnet has an Insecure Direct Object Reference (IDOR) vulnerability, allowing unauthenticated remote attackers to modify a specific parameter to access arbitrary files uploaded by any user. | |||||
| CVE-2024-10121 | 1 Riskengine | 1 Radar | 2024-10-30 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified as critical. This issue affects some unknown processing of the component Interface Handler. The manipulation with the input /../ leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This appears not to be a path traversal weakness. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-41254 | 1 Litestream | 1 Litestream | 2024-10-29 | N/A | 5.3 MEDIUM |
| An issue was discovered in litestream v0.3.13. The usage of the ssh.InsecureIgnoreHostKey() disables host key verification, possibly allowing attackers to obtain sensitive information via a man-in-the-middle attack. | |||||
| CVE-2023-32189 | 2024-10-29 | N/A | 5.9 MEDIUM | ||
| Insecure handling of ssh keys used to bootstrap clients allows local attackers to potentially gain access to the keys | |||||
| CVE-2024-9637 | 2024-10-28 | N/A | 8.8 HIGH | ||
| The School Management System – WPSchoolPress plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.10. This is due to the plugin not properly validating a user's identity prior to updating their details like email. This makes it possible for authenticated attackers, with teacher-level access and above, to change arbitrary user's email addresses, including administrators, and leverage that to reset the user's password and gain access to their account. | |||||
| CVE-2024-46937 | 1 Mfasoft | 1 Secure Authentication Server | 2024-10-24 | N/A | 7.5 HIGH |
| An improper access control (IDOR) vulnerability in the /api-selfportal/get-info-token-properties endpoint in MFASOFT Secure Authentication Server (SAS) 1.8.x through 1.9.x before 1.9.040924 allows remote attackers gain access to user tokens without authentication. The is a brute-force attack on the serial parameter by number identifier: GA00001, GA00002, GA00003, etc. | |||||
| CVE-2024-9215 | 2024-10-18 | N/A | 8.8 HIGH | ||
| The Co-Authors, Multiple Authors and Guest Authors in an Author Box with PublishPress Authors plugin for WordPress is vulnerable to Insecure Direct Object Reference to Privilege Escalation/Account Takeover in all versions up to, and including, 4.7.1 via the action_edited_author() due to missing validation on the 'authors-user_id' user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to update arbitrary user accounts email addresses, including administrators, which can then be leveraged to reset that user's account password and gain access. | |||||
| CVE-2024-9263 | 2024-10-18 | N/A | 9.8 CRITICAL | ||
| The WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for WordPress is vulnerable to Account Takeover/Privilege Escalation via Insecure Direct Object Reference in all versions up to, and including, 1.0.25 via the save() due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to reset the emails and passwords of arbitrary user accounts, including administrators, which makes account takeover and privilege escalation possible. | |||||
| CVE-2024-9687 | 1 Dueclic | 1 Wp 2fa With Telegram | 2024-10-17 | N/A | 8.8 HIGH |
| The WP 2FA with Telegram plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and including, 3.0. This is due to insufficient validation of the user-controlled key on the 'validate_tg' action. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to log in as any existing user on the site, such as an administrator. | |||||
| CVE-2023-7286 | 2024-10-16 | N/A | 6.5 MEDIUM | ||
| The plugin ACF Quick Edit Fields for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 3.2.2. This makes it possible for attackers without the edit_users capability to access metadata of other users, this includes contributor-level users and above. | |||||
| CVE-2024-8040 | 2024-10-16 | N/A | 7.7 HIGH | ||
| An authorization bypass through user-controlled key vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2024x allows an authenticated attacker to access some unauthorized data. | |||||
| CVE-2024-47657 | 1 Shilpisoft | 1 Net Back Office | 2024-10-16 | N/A | 6.5 MEDIUM |
| This vulnerability exists in the Shilpi Net Back Office due to improper access controls on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a parameter dfclientid through API request URLs which could lead to unauthorized access to sensitive information belonging to other users. | |||||