CVE List - 2024 / January

Showing 1401 - 1500 of 2591 CVEs for January 2024 (Page 15 of 26)

Back to List Previous Next

CVE ID	Date	Title
CVE-2022-3836	2024-01-16	Seed Social < 2.0.4 - Admin+ Stored XSS
CVE-2022-3764	2024-01-16	Form Vibes < 1.4.5 - Admin+ SQLi
CVE-2022-3899	2024-01-16	3DPrint < 3.5.6.9 - Arbitrary File and Directory Deletion via CSRF
CVE-2022-0402	2024-01-16	Superforms < 6.0.4 - Reflected Cross-Site Scripting
CVE-2022-23180	2024-01-16	Contact Form & Lead Form Elementor Builder Plugin < 1.7.4 - Multiple Subscriber+ Settings Update
CVE-2022-23179	2024-01-16	Contact Form & Lead Form Elementor Builder < 1.7.0 - Multiple Admin+ Stored Cross-Site Scripting
CVE-2022-1760	2024-01-16	Core Control <= 1.2.1 - Arbitrary Settings Update via CSRF
CVE-2022-1609	2024-01-16	The School Management < 9.9.7 - Unauthenticated RCE via REST api
CVE-2021-4227	2024-01-16	Ark Comment Editor <= 2.15.6 - Iframe Injection via Comment
CVE-2022-0775	2024-01-16	WooCommerce < 6.2.1 - Subscriber+ Arbitrary Comment Deletion
CVE-2022-1617	2024-01-16	WP-Invoice <= 4.3.1 - Stored Cross-Site Scripting via CSRF
CVE-2022-1618	2024-01-16	Coru LFMember <= 1.0.2 - Stored Cross-Site Scripting via CSRF
CVE-2022-3604	2024-01-16	Contact Form Entries < 1.3.0 - CSV Injection
CVE-2022-3739	2024-01-16	WP Best Quiz <= 1.0 - Author+ Stored XSS
CVE-2022-3829	2024-01-16	Font Awesome 4 Menus <= 4.7.0 - Admin+ Stored XSS
CVE-2022-3194	2024-01-16	Dokan < 3.6.4 - Vendor Stored Cross-Site Scripting
CVE-2023-3647	2024-01-16	IURNY by INDIGITALL < 3.2.3 - Admin+ Stored XSS
CVE-2023-3211	2024-01-16	WordPress Database Administrator <= 1.0.3 - Unauthenticated SQL Injection
CVE-2023-3771	2024-01-16	T1 theme <= 19.0 - Open Redirect
CVE-2023-6046	2024-01-16	EventON < 2.2 - Admin+ Stored HTML Injection
CVE-2023-5558	2024-01-16	LearnPress < 4.2.5.5 - Reflected Cross-Site Scripting
CVE-2023-0224	2024-01-16	GiveWP < 2.24.1 - Unauthenticated SQLi
CVE-2023-0079	2024-01-16	Customer Reviews for WooCommerce < 5.17.0 - Contributor+ Stored XSS
CVE-2023-0479	2024-01-16	Print Invoice & Delivery Notes for WooCommerce < 4.7.2 - Reflected XSS
CVE-2023-2655	2024-01-16	Contact Form by WD <= 1.13.23 - Admin+ SQLi
CVE-2023-37521	2024-01-16	HCL BigFix OSD Bare Metal Server WebUI is affected by sensitive information disclosure
CVE-2023-3178	2024-01-16	POST SMTP Mailer < 2.5.7 - Arbitrary Log Deletion via CSRF
CVE-2023-3372	2024-01-16	Lana Shortcodes < 1.2.0 - Contributor+ Stored XSS
CVE-2023-2252	2024-01-16	Directorist < 7.5.4 - Admin+ LFI
CVE-2023-0094	2024-01-16	UpQode Google Maps <= 1.0.5 - Contributor+ Stored XSS
CVE-2023-0376	2024-01-16	Qubely < 1.8.5 - Contributor+ Stored XSS
CVE-2023-0389	2024-01-16	Calculated Fields Form < 1.1.151 - Admin+ Stored Cross-Site Scripting via Dropdown Fields
CVE-2023-1405	2024-01-16	Formidable Forms < 6.2 - Unauthenticated PHP Object Injection
CVE-2023-0769	2024-01-16	hiWeb Migration Simple <= 2.0.0.1 Reflected Cross-Site Scripting
CVE-2023-0824	2024-01-16	UserPlus <= 2.0 - Stored XSS via CSRF
CVE-2023-4536	2024-01-16	My Account Page Editor < 1.3.2 - Subscriber+ Arbitrary File Upload
CVE-2023-4757	2024-01-16	Staff / Employee Business Directory for Active Directory < 1.2.3 - Improper escaping of LDAP entries
CVE-2023-4797	2024-01-16	Newsletter Lite < 4.9.3 - Admin+ Command Injection
CVE-2023-4703	2024-01-16	All in One B2B for WooCommerce <= 1.0.3 - Unauthenticated Privilege Escalation
CVE-2023-6741	2024-01-16	WP Customer Area < 8.2.1 - Subscriber+ Account Address Update
CVE-2024-0237	2024-01-16	EventON (Free < 2.2.9, Premium <= 4.5.8) - Unauthenticated Virtual Event Settings Update
CVE-2024-0236	2024-01-16	EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Virtual Event Password Disclosure
CVE-2023-6824	2024-01-16	WP Customer Area < 8.2.1 - Subscriber+ Account Address Leak
CVE-2024-0187	2024-01-16	Community by PeepSo < 6.3.1.2 - Reflected XSS
CVE-2023-6592	2024-01-16	FastDup – Fastest WordPress Migration & Duplicator < 2.2 - Directory Listing to Account Takeover and Sensitive Data Exposure
CVE-2023-6005	2024-01-16	EventON (Free < 2.2.7, Premium < 4.5.5) - Admin+ Stored Cross-Site Scripting
CVE-2024-0233	2024-01-16	EventON (Free < 2.2.8, Premium < 4.5.5) - Reflected XSS
CVE-2023-6732	2024-01-16	Ultimate Maps by Supsystic < 1.2.16 - Admin+ Stored XSS
CVE-2023-7154	2024-01-16	Hubbub Lite < 1.32.0 - Admin+ Stored XSS
CVE-2023-7084	2024-01-16	Voting Record <= 2.0 - Subscriber+ Stored XSS
CVE-2024-0239	2024-01-16	Contact Form 7 Connector < 1.2.3 - Reflected XSS
CVE-2023-7083	2024-01-16	Voting Record <= 2.0 - Settings Update to Stored XSS via CSRF
CVE-2024-0235	2024-01-16	EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Email Address Disclosure
CVE-2023-7125	2024-01-16	Community by PeepSo < 6.3.1.2 - User Post Creation via CSRF
CVE-2024-0238	2024-01-16	EventON (Free < 2.2.8, Premium < 4.5.6) - Unauthenticated Arbitrary Post Metadata Update
CVE-2023-5922	2024-01-16	Royal Elementor Addons and Templates < 1.3.81 - Unauthenticated Arbitrary Post Read
CVE-2023-6292	2024-01-16	Ecwid Ecommerce Shopping Cart < 6.12.5 - Arbitrary Plugin Settings Change via CSRF
CVE-2023-6373	2024-01-16	ArtPlacer Widget < 2.20.7 - Editor+ SQLi
CVE-2023-7151	2024-01-16	Product Enquiry for WooCommerce < 3.2 - Reflected XSS
CVE-2023-37522	2024-01-16	HCL BigFix OSD Bare Metal Server WebUI is affected by missing or insecure tags
CVE-2024-0578	2024-01-16	Totolink LR1200GB cstecgi.cgi UploadCustomModule stack-based overflow
CVE-2023-45229	2024-01-16	Out-of-Bounds Read in EDK II Network Package
CVE-2023-45230	2024-01-16	Buffer Overflow in EDK II Network Package
CVE-2023-45231	2024-01-16	Out-of-Bounds Read in EDK II Network Package
CVE-2023-45236	2024-01-16	Predictable TCP ISNs in EDK II Network Package
CVE-2023-45237	2024-01-16	Use of a Weak PseudoRandom Number Generator in EDK II Network Package
CVE-2023-45235	2024-01-16	Buffer Overflow in EDK II Network Package
CVE-2023-45232	2024-01-16	Infinite loop in EDK II Network Package
CVE-2023-45233	2024-01-16	Infinite loop in EDK II Network Package
CVE-2023-45234	2024-01-16	Buffer Overflow in EDK II Network Package
CVE-2024-0579	2024-01-16	Totolink X2000R formMapDelDevice command injection
CVE-2023-4969	2024-01-16	GPU kernel implementations susceptible to memory leak
CVE-2023-37523	2024-01-16	HCL BigFix OSD Bare Metal Server WebUI is affected by missing or insecure tags
CVE-2024-23347	2024-01-16	Prior to v176, when opening a new project Meta Spark...
CVE-2023-7234	2024-01-16	Integration Objects OPC UA Server Toolkit Improper Output Neutralization for Logs
CVE-2024-0200	2024-01-16	Unsafe Reflection in Github Enterprise Server leading to Command Injection
CVE-2024-0507	2024-01-16	Privilege Escalation by Code Injection in the Management Console in GitHub Enterprise Server
CVE-2023-5097	2024-01-16	Improper Input Validation vulnerability in HYPR Workforce Access on Windows...
CVE-2023-6334	2024-01-16	Improper Restriction of Operations within the Bounds of a Memory...
CVE-2023-6335	2024-01-16	Improper Link Resolution Before File Access ('Link Following') vulnerability in...
CVE-2023-6336	2024-01-16	Improper Link Resolution Before File Access ('Link Following') vulnerability in...
CVE-2024-0599	2024-01-16	Jspxcms Document Management Page InfoController.java cross site scripting
CVE-2024-0517	2024-01-16	Out of bounds write in V8 in Google Chrome prior...
CVE-2024-0518	2024-01-16	Type confusion in V8 in Google Chrome prior to 120.0.6099.224...
CVE-2024-0519	2024-01-16	Out of bounds memory access in V8 in Google Chrome...
CVE-2024-0601	2024-01-16	ZhongFuCheng3y Austin Email Message Template AustinFileUtils.java getRemoteUrl2File server-side request forgery
CVE-2022-31021	2024-01-16	Unlinkability broken in ursa when verifiers use malicious keys
CVE-2023-21901	2024-01-16	Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product...
CVE-2024-20904	2024-01-16	Vulnerability in the Oracle Business Intelligence Enterprise Edition product of...
CVE-2024-20906	2024-01-16	Vulnerability in the Integrated Lights Out Manager (ILOM) product of...
CVE-2024-20908	2024-01-16	Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion...
CVE-2024-20910	2024-01-16	Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall)....
CVE-2024-20912	2024-01-16	Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall)....
CVE-2024-20914	2024-01-16	Vulnerability in the Oracle ZFS Storage Appliance Kit product of...
CVE-2024-20916	2024-01-16	Vulnerability in the Oracle Enterprise Manager Base Platform product of...
CVE-2024-20918	2024-01-16	Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK,...
CVE-2024-20920	2024-01-16	Vulnerability in the Oracle Solaris product of Oracle Systems (component:...
CVE-2024-20922	2024-01-16	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition...
CVE-2024-20924	2024-01-16	Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall)....
CVE-2024-20926	2024-01-16	Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK,...