CVE List - 2024 / April
Showing 2901 - 3000 of 3606 CVEs for April 2024 (Page 30 of 37)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-3293 | 2024-04-23 | The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress... |
| CVE-2024-2760 | 2024-04-23 | Bkav Home v7816, build 2403161130 - Kernel Memory Leak |
| CVE-2024-1241 | 2024-04-23 | Watchdog Antivirus v1.6.415 - Denial of Service |
| CVE-2024-31857 | 2024-04-23 | Forminator prior to 1.15.4 contains a cross-site scripting vulnerability. If... |
| CVE-2024-31077 | 2024-04-23 | Forminator prior to 1.29.3 contains a SQL injection vulnerability. If... |
| CVE-2024-28890 | 2024-04-23 | Forminator prior to 1.29.0 contains an unrestricted upload of file... |
| CVE-2024-21511 | 2024-04-23 | Versions of the package mysql2 before 3.9.7 are vulnerable to... |
| CVE-2024-2799 | 2024-04-23 | The Royal Elementor Addons and Templates plugin for WordPress is... |
| CVE-2024-2798 | 2024-04-23 | The Royal Elementor Addons and Templates plugin for WordPress is... |
| CVE-2024-3889 | 2024-04-23 | The Royal Elementor Addons and Templates plugin for WordPress is... |
| CVE-2023-6833 | 2024-04-23 | Information Exposure Vulnerability in Hitachi Ops Center Administrator |
| CVE-2024-2493 | 2024-04-23 | Session Hijacking Vulnerability in Hitachi Ops Center Analyzer |
| CVE-2024-4031 | 2024-04-23 | MEVO WEBCAM APP Windows Unquoted Service Path Vulnerability |
| CVE-2024-3664 | 2024-04-23 | The Quick Featured Images plugin for WordPress is vulnerable to... |
| CVE-2024-0900 | 2024-04-23 | The Elespare – Build Your Blog, News & Magazine Websites... |
| CVE-2024-3185 | 2024-04-23 | Rapid7 Insight Agent Sensitive Key Exposed To Local Users |
| CVE-2024-3665 | 2024-04-23 | The Rank Math SEO with AI SEO Tools plugin for... |
| CVE-2024-3732 | 2024-04-23 | The GeoDirectory – WordPress Business Directory Plugin, or Classified Directory... |
| CVE-2024-3491 | 2024-04-23 | The Schema & Structured Data for WP & AMP plugin... |
| CVE-2024-3911 | 2024-04-23 | Welotec: Clickjacking Vulnerability in WebUI |
| CVE-2023-47731 | 2024-04-23 | IBM QRadar Suite Software cross-site scripting |
| CVE-2024-26922 | 2024-04-23 | drm/amdgpu: validate the parameters of bo mapping operations more clearly |
| CVE-2024-2477 | 2024-04-23 | The wpDiscuz plugin for WordPress is vulnerable to Stored Cross-Site... |
| CVE-2024-32679 | 2024-04-23 | WordPress Shared Files plugin <= 1.7.16 - Broken Access Control vulnerability |
| CVE-2024-28130 | 2024-04-23 | An incorrect type conversion vulnerability exists in the DVPSSoftcopyVOI_PList::createFromImage functionality... |
| CVE-2024-21972 | 2024-04-23 | An out of bounds write vulnerability in the AMD Radeon™... |
| CVE-2024-21979 | 2024-04-23 | An out of bounds write vulnerability in the AMD Radeon™... |
| CVE-2024-31208 | 2024-04-23 | Synapse's V2 state resolution weakness allows DoS from remote room members |
| CVE-2024-32482 | 2024-04-23 | Tillitis TKey Signer possible RAM disclosure vulnerability |
| CVE-2024-32658 | 2024-04-23 | FreeRDP ExtractRunLengthRegular* out of bound read |
| CVE-2024-4062 | 2024-04-23 | Hualai Xiaofang iSC5 certificate validation |
| CVE-2024-4063 | 2024-04-23 | EZVIZ CS-C6-21WFR-8 Davinci Application certificate validation |
| CVE-2024-32659 | 2024-04-23 | freerdp_image_copy out of bound read |
| CVE-2024-4064 | 2024-04-23 | Tenda AC8 execCommand R7WebsSecurityHandler stack-based overflow |
| CVE-2024-4065 | 2024-04-23 | Tenda AC8 SetRebootTimer formSetRebootTimer stack-based overflow |
| CVE-2024-32660 | 2024-04-23 | FreeRDP zgfx_decompress out of memory vulnerability |
| CVE-2024-32661 | 2024-04-23 | FreeRDP rdp_write_logon_info_v1 NULL access |
| CVE-2024-32662 | 2024-04-23 | FreeRDP rdp_redirection_read_base64_wchar out of bound read |
| CVE-2024-32869 | 2024-04-23 | Hono vulnerable to Restricted Directory Traversal in serveStatic with deno |
| CVE-2024-32875 | 2024-04-23 | Hugo doesn't escape markdown title in internal render hooks |
| CVE-2024-4066 | 2024-04-23 | Tenda AC8 AdvSetMacMtuWan fromAdvSetMacMtuWan stack-based overflow |
| CVE-2024-32866 | 2024-04-23 | Conform contains Prototype Pollution Vulnerability in `parseWith...` function |
| CVE-2024-4069 | 2024-04-23 | Kashipara Online Furniture Shopping Ecommerce Website search.php sql injection |
| CVE-2024-4070 | 2024-04-23 | Kashipara Online Furniture Shopping Ecommerce Website prodList.php sql injection |
| CVE-2024-4071 | 2024-04-23 | Kashipara Online Furniture Shopping Ecommerce Website prodInfo.php sql injection |
| CVE-2024-4072 | 2024-04-23 | Kashipara Online Furniture Shopping Ecommerce Website search.php cross site scripting |
| CVE-2024-4073 | 2024-04-23 | Kashipara Online Furniture Shopping Ecommerce Website prodList.php cross site scripting |
| CVE-2024-4074 | 2024-04-23 | Kashipara Online Furniture Shopping Ecommerce Website prodInfo.php cross site scripting |
| CVE-2024-4075 | 2024-04-23 | Kashipara Online Furniture Shopping Ecommerce Website login.php cross site scripting |
| CVE-2024-33531 | 2024-04-24 | cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsing signature... |
| CVE-2024-28613 | 2024-04-24 | SQL Injection vulnerability in PHP Task Management System v.1.0 allows... |
| CVE-2024-4093 | 2024-04-24 | SourceCodester Simple Subscription Website view_application.php sql injection |
| CVE-2023-7253 | 2024-04-24 | Import WP < 2.13.1 - Admin+ Server-side Request Forgery |
| CVE-2024-1743 | 2024-04-24 | WooCommerce Customers Manager < 29.8 - Reflected XSS |
| CVE-2024-1756 | 2024-04-24 | WooCommerce Customers Manager < 29.8 - Subscriber+ Email Disclosure |
| CVE-2024-2402 | 2024-04-24 | Better Comments < 1.5.6 - Admin+ Stored XSS |
| CVE-2024-2404 | 2024-04-24 | Better Comments < 1.5.6 - Subscriber+ Stored XSS |
| CVE-2024-2972 | 2024-04-24 | Floating Chat Widget < 3.1.9 - Editor+ Stored XSS |
| CVE-2024-3261 | 2024-04-24 | Strong Testimonials < 3.1.12 - Contributor+ Stored XSS |
| CVE-2024-32051 | 2024-04-24 | Insertion of sensitive information into log file issue exists in... |
| CVE-2024-31406 | 2024-04-24 | Active debug code vulnerability exists in RoamWiFi R10 prior to... |
| CVE-2024-32951 | 2024-04-24 | WordPress Max Addons Pro for Bricks plugin <= 1.6.1 - Unauthenticated Plugin Settings Reset vulnerability |
| CVE-2024-32948 | 2024-04-24 | WordPress ARMember – Membership Plugin plugin <= 4.0.28 - Broken Access Control vulnerability |
| CVE-2024-32955 | 2024-04-24 | WordPress FV Flowplayer Video Player plugin <= 7.5.43.7212 - Server Side Request Forgery (SSRF) vulnerability |
| CVE-2024-32819 | 2024-04-24 | WordPress Culqi plugin <= 3.0.14 - Server Side Request Forgery (SSRF) vulnerability |
| CVE-2024-32812 | 2024-04-24 | WordPress Podlove Podcast Publisher plugin <= 4.0.11 - Server Side Request Forgery (SSRF) vulnerability |
| CVE-2024-32803 | 2024-04-24 | WordPress SuperFaktura WooCommerce plugin <= 1.40.3 - Server Side Request Forgery (SSRF) vulnerability |
| CVE-2024-32775 | 2024-04-24 | WordPress Embed Google Photos album plugin <= 2.1.9 - Server Side Request Forgery (SSRF) vulnerability |
| CVE-2024-32718 | 2024-04-24 | WordPress The Pack Elementor addons plugin <= 2.0.8.2 - Server Side Request Forgery (SSRF) vulnerability |
| CVE-2024-32836 | 2024-04-24 | WordPress WP-Lister Lite for eBay plugin <= 3.5.11 - Arbitrary File Upload vulnerability |
| CVE-2024-32835 | 2024-04-24 | WordPress Export and Import Users and Customers plugin <= 2.5.3 - Deserialization of untrusted data vulnerability |
| CVE-2024-32817 | 2024-04-24 | WordPress Import and export users and customers plugin <= 1.26.2 - PHP Object Injection vulnerability |
| CVE-2024-32953 | 2024-04-24 | WordPress Newsletters plugin <= 4.9.5 - Sensitive Data Exposure vulnerability |
| CVE-2024-32825 | 2024-04-24 | WordPress Simply Static plugin <= 3.1.3 - Sensitive Data Exposure via Log File vulnerability |
| CVE-2024-32816 | 2024-04-24 | WordPress Combo Blocks plugin <= 2.2.78 - Sensitive Data Exposure via API vulnerability |
| CVE-2024-32796 | 2024-04-24 | WordPress WP Fusion Lite <= 3.42.10 - Sensitive Data Exposure vulnerability |
| CVE-2024-32788 | 2024-04-24 | WordPress FG Joomla to Wordpress plugin <= 4.20.2 - Sensitive Data Exposure via Log File vulnerability |
| CVE-2024-32782 | 2024-04-24 | WordPress HT Mega plugin <= 2.4.7 - Sensitive Data Exposure vulnerability |
| CVE-2024-28963 | 2024-04-24 | Telemetry Dashboard v1.0.0.7 for Dell ThinOS 2402 contains a sensitive... |
| CVE-2024-32781 | 2024-04-24 | WordPress Email Customizer for WooCommerce plugin <= 2.6.0 - Sensitive Data Exposure vulnerability |
| CVE-2024-32780 | 2024-04-24 | WordPress VikRentCar Car Rental Management System plugin <= 1.3.2 - Sensitive Data Exposure via Invoices vulnerability |
| CVE-2024-32726 | 2024-04-24 | WordPress Frontend Dashboard plugin <= 2.2.2 - Sensitive Data Exposure on PII vulnerability |
| CVE-2024-32716 | 2024-04-24 | WordPress StreamWeasels Twitch Integration plugin <= 1.7.8 - API Sensitive Data Exposure vulnerability |
| CVE-2024-28976 | 2024-04-24 | Dell Repository Manager, versions prior to 3.4.5, contains a Path... |
| CVE-2024-32710 | 2024-04-24 | WordPress WP-Recall plugin <= 16.26.5 - SQL Injection vulnerability |
| CVE-2024-28977 | 2024-04-24 | Dell Repository Manager, versions 3.4.2 through 3.4.4,contains a Path Traversal... |
| CVE-2024-32709 | 2024-04-24 | WordPress WP-Recall plugin <= 16.26.5 - SQL Injection vulnerability |
| CVE-2024-32706 | 2024-04-24 | WordPress ARForms plugin <= 6.4 - Auth. SQL Injection vulnerability |
| CVE-2024-32956 | 2024-04-24 | WordPress RomethemeKit For Elementor plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32952 | 2024-04-24 | WordPress Max Addons Pro for Bricks plugin <= 1.6.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32950 | 2024-04-24 | WordPress WP Media Category Management plugin <= 2.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32834 | 2024-04-24 | WordPress WooCommerce Shipping Label plugin <= 2.3.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32833 | 2024-04-24 | WordPress List Custom Taxonomy Widget plugin <= 4.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32815 | 2024-04-24 | WordPress All-in-one Like Widget plugin <= 2.2.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32801 | 2024-04-24 | WordPress Widget Post Slider plugin <= 1.3.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32791 | 2024-04-24 | WordPress Premium Addons for Elementor plugin <= 4.10.25 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32723 | 2024-04-24 | WordPress Advanced Floating Content plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32722 | 2024-04-24 | WordPress Coupon & Discount Code Reveal Button plugin <= 1.2.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32721 | 2024-04-24 | WordPress Jeg Elementor Kit plugin <= 2.6.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-32711 | 2024-04-24 | WordPress myCred plugin <= 2.6.3 - Cross Site Scripting (XSS) vulnerability |