CVE List - 2024 / June
Showing 701 - 800 of 3082 CVEs for June 2024 (Page 8 of 31)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-35694 | 2024-06-08 | WordPress WPMobile.App plugin <= 11.41 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-35693 | 2024-06-08 | WordPress 12 Step Meeting List plugin <= 3.14.33 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-35691 | 2024-06-08 | WordPress Widget Options - Extended plugin <= 5.1.0 - Multiple Data Exposure Vulnerability |
| CVE-2024-35689 | 2024-06-08 | WordPress Analytify plugin <= 5.2.3 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-35688 | 2024-06-08 | WordPress Master Addons for Elementor plugin <= 2.0.5.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-35687 | 2024-06-08 | WordPress Link Library plugin <= 7.6.3 - Reflected Cross-Site Scripting (XSS) vulnerability |
| CVE-2024-34765 | 2024-06-08 | WordPress Sensei Pro (WC Paid Courses) plugin <= 4.23.1.1.23.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-35684 | 2024-06-08 | WordPress ElasticPress plugin <= 5.1.0 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-35682 | 2024-06-08 | WordPress Otter Blocks PRO plugin <= 2.6.11 - Authenticated Sensitive Data Exposure vulnerability |
| CVE-2024-35681 | 2024-06-08 | WordPress wpDiscuz plugin <= 7.6.18 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-35679 | 2024-06-08 | WordPress GiveWP plugin <= 3.12.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2023-45707 | 2024-06-08 | HCL Connections Docs is vulnerable to Cross-Site Scripting (XSS) |
| CVE-2024-35678 | 2024-06-08 | WordPress Contact Form to DB by BestWebSoft plugin <= 1.7.2 - SQL Injection vulnerability |
| CVE-2024-35676 | 2024-06-08 | WordPress Recurring PayPal Donations plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-35675 | 2024-06-08 | WordPress Advanced Woo Labels plugin <= 1.93 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-35659 | 2024-06-08 | WordPress KiviCare plugin <= 3.6.2 - Insecure Direct Object References (IDOR) vulnerability |
| CVE-2024-35657 | 2024-06-08 | WordPress WP-Recall plugin <= 16.26.6 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2024-21748 | 2024-06-08 | WordPress Icegram Engage plugin <= 3.1.21 - Broken Access Control vulnerability |
| CVE-2024-22151 | 2024-06-08 | WordPress Import and export users and customers plugin <= 1.24.6 - Broken Access Control vulnerability |
| CVE-2024-4680 | 2024-06-08 | Insufficient Session Expiration in zenml-io/zenml |
| CVE-2024-4146 | 2024-06-08 | Incorrect Authorization in lunary-ai/lunary |
| CVE-2024-5771 | 2024-06-08 | LabVantage LIMS POST Request sql injection |
| CVE-2024-37535 | 2024-06-09 | GNOME VTE before 0.76.3 allows an attacker to cause a... |
| CVE-2024-37568 | 2024-06-09 | lepture Authlib before 1.3.1 has algorithm confusion with asymmetric public... |
| CVE-2024-37569 | 2024-06-09 | An issue was discovered on Mitel 6869i through 4.5.0.41 and... |
| CVE-2024-37570 | 2024-06-09 | On Mitel 6869i 4.5.0.41 devices, the Manual Firmware Update (upgrade.html)... |
| CVE-2024-5772 | 2024-06-09 | Netentsec NS-ASG Application Security Gateway deleteiscuser.php sql injection |
| CVE-2024-5773 | 2024-06-09 | Netentsec NS-ASG Application Security Gateway deletemacbind.php sql injection |
| CVE-2024-5774 | 2024-06-09 | SourceCodester Stock Management System Login index.php sql injection |
| CVE-2024-5775 | 2024-06-09 | SourceCodester Vehicle Management System updatebill.php sql injection |
| CVE-2024-31294 | 2024-06-09 | WordPress WP Sort Order plugin <= 1.3.1 - Broken Access Control vulnerability |
| CVE-2024-31246 | 2024-06-09 | WordPress Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin <= 3.2.3 - Author+ Post/Page Duplication vulnerability |
| CVE-2024-31098 | 2024-06-09 | WordPress New Order Notification for Woocommerce plugin <= 2.0.2 - Broken Access Control vulnerability |
| CVE-2024-30538 | 2024-06-09 | WordPress DELUCKS SEO plugin <= 2.5.4 - Broken Access Control vulnerability |
| CVE-2024-30537 | 2024-06-09 | WordPress WPC Badge Management for WooCommerce plugin <= 2.4.0 - Broken Access Control vulnerability |
| CVE-2024-30534 | 2024-06-09 | WordPress Calendarista Basic Edition plugin <= 3.0.5 - Broken Access Control vulnerability |
| CVE-2024-30539 | 2024-06-09 | WordPress Awesome Support plugin <= 6.1.7 - Broken Access Control vulnerability |
| CVE-2023-52232 | 2024-06-09 | WordPress Booster Plus for WooCommerce plugin < 7.1.2 - Authenticated Arbitrary Post/Page Deletion Vulnerability |
| CVE-2023-52230 | 2024-06-09 | WordPress Booster Plus for WooCommerce plugin < 7.1.3 - Authenticated Arbitrary WordPress Option Disclosure Vulnerability |
| CVE-2023-51494 | 2024-06-09 | WordPress WooCommerce Product Vendors plugin <= 2.2.1 - Broken Access Control vulnerability |
| CVE-2023-23639 | 2024-06-09 | WordPress MainWP Staging Extension Plugin <= 4.0.3 - Subscriber+ Arbitrary Plugin Activation Vulnerability |
| CVE-2023-23640 | 2024-06-09 | WordPress MainWP UpdraftPlus Extension Plugin <= 4.0.6 - Subscriber+ Arbitrary Plugin Activation Vulnerability |
| CVE-2023-31080 | 2024-06-09 | WordPress Unlimited Elements For Elementor plugin <= 1.5.65 - Multiple Broken Access Control vulnerability |
| CVE-2023-34003 | 2024-06-09 | WordPress WooCommerce Box Office plugin <= 1.1.51 - Unauthenticated Save Ticket Barcode vulnerability |
| CVE-2024-24716 | 2024-06-09 | WordPress Awesome Support plugin <= 6.1.6 - Broken Access Control vulnerability |
| CVE-2024-25092 | 2024-06-09 | WordPress NextMove Lite plugin <= 2.17.0 - Subscriber+ Arbitrary Plugin Installation/Activation vulnerability |
| CVE-2024-25929 | 2024-06-09 | WordPress Product Catalog Mode For Woocommerce plugin <= 5.0.5 - Broken Access Control vulnerability |
| CVE-2024-30464 | 2024-06-09 | WordPress Social Icons Widget & Block by WPZOOM plugin <= 4.2.15 - Broken Access Control vulnerability |
| CVE-2024-30465 | 2024-06-09 | WordPress PageLayer plugin <= 1.8.1 - Broken Access Control vulnerability |
| CVE-2024-30466 | 2024-06-09 | WordPress WooCommerce Multilingual & Multicurrency plugin <= 5.3.4 - Broken Access Control vulnerability |
| CVE-2024-30467 | 2024-06-09 | WordPress Essential Blocks plugin <= 4.4.9 - Broken Access Control vulnerability |
| CVE-2024-30470 | 2024-06-09 | WordPress YITH WooCommerce Account Funds Premium plugin <= 1.32.0 - Broken Access Control vulnerability |
| CVE-2024-30481 | 2024-06-09 | WordPress JCH Optimize plugin <= 4.0.0 - Broken Access Control vulnerability |
| CVE-2024-30485 | 2024-06-09 | WordPress Finale Lite plugin <= 2.18.0 - Subscriber+ Arbitrary Plugin Installation/Activation vulnerability |
| CVE-2024-30512 | 2024-06-09 | WordPress weForms plugin <= 1.6.20 - Broken Access Control vulnerability |
| CVE-2024-30515 | 2024-06-09 | WordPress Events Manager plugin <= 6.4.6.4 - Broken Access Control vulnerability |
| CVE-2024-30517 | 2024-06-09 | WordPress Sliced Invoices plugin <= 3.9.2 - Broken Access Control vulnerability |
| CVE-2024-30529 | 2024-06-09 | WordPress Tainacan plugin <= 0.20.7 - Broken Access Control vulnerability |
| CVE-2024-30544 | 2024-06-09 | WordPress Whizzy plugin <= 1.1.18 - Broken Access Control vulnerability |
| CVE-2024-31243 | 2024-06-09 | WordPress Bricksforge plugin <= 2.0.17 - Unauthenticated Arbitrary WordPress Setting Deletion vulnerability |
| CVE-2024-31244 | 2024-06-09 | WordPress Bricksforge plugin <= 2.0.17 - Unauthenticated Arbitrary WordPress Settings Change vulnerability |
| CVE-2024-31248 | 2024-06-09 | WordPress All-in-One Video Gallery plugin <= 3.5.2 - Broken Access Control vulnerability |
| CVE-2024-31252 | 2024-06-09 | WordPress Responsive Lightbox & Gallery plugin <= 2.4.6 - Broken Access Control vulnerability |
| CVE-2024-31261 | 2024-06-09 | WordPress Announcer – Notification & message bars plugin <= 6.0 - Broken Access Control vulnerability |
| CVE-2024-31267 | 2024-06-09 | WordPress Flexible Checkout Fields for WooCommerce plugin <= 4.1.2 - Broken Access Control vulnerability |
| CVE-2024-31273 | 2024-06-09 | WordPress JS Help Desk plugin <= 2.8.3 - Broken Access Control vulnerability |
| CVE-2024-31274 | 2024-06-09 | WordPress EmbedPress plugin <= 3.9.11 - Broken Access Control vulnerability |
| CVE-2024-35669 | 2024-06-09 | WordPress Debug Log Manager plugin <= 2.3.1 - Broken Access Control vulnerability |
| CVE-2024-35660 | 2024-06-09 | WordPress Master Addons for Elementor plugin <= 2.0.5.4.1 - Broken Access Control on API vulnerability |
| CVE-2024-34435 | 2024-06-09 | WordPress Aiomatic plugin <= 1.9.3 - Broken Access Control vulnerability |
| CVE-2024-33572 | 2024-06-09 | WordPress The Plus Blocks for Block Editor | Gutenberg plugin <= 3.2.5 - Broken Access Control vulnerability |
| CVE-2024-33565 | 2024-06-09 | WordPress Barcode Scanner with Inventory & Order Manager plugin <= 1.5.3 - Unauthenticated Broken Access Control vulnerability |
| CVE-2024-33564 | 2024-06-09 | WordPress XStore theme <= 9.3.8 - Arbitrary Option Update vulnerability |
| CVE-2024-33563 | 2024-06-09 | WordPress XStore theme <= 9.3.8 - Broken Access Control vulnerability |
| CVE-2024-33561 | 2024-06-09 | WordPress XStore theme <= 9.3.8 - Unauthenticated Broken Access Control vulnerability |
| CVE-2024-33555 | 2024-06-09 | WordPress XStore Core plugin <= 5.3.8 - Multiple Authenticated Broken Access Control vulnerability |
| CVE-2024-33547 | 2024-06-09 | WordPress WZone plugin <= 14.0.10 - Site Wide Broken Access Control vulnerability |
| CVE-2024-33545 | 2024-06-09 | WordPress WZone plugin <= 14.0.10 - Unauthenticated Broken Access Control vulnerability |
| CVE-2024-33543 | 2024-06-09 | WordPress WP Time Slots Booking Form plugin <= 1.2.06 - Broken Access Control vulnerability |
| CVE-2024-32824 | 2024-06-09 | WordPress Evergreen Content Poster plugin <= 1.4.2 - Broken Access Control vulnerability |
| CVE-2023-45188 | 2024-06-09 | IBM Engineering Lifecycle Optimization Publishing file upload |
| CVE-2024-32821 | 2024-06-09 | WordPress Total Poll Lite plugin <= 4.9.9 - Broken Access Control vulnerability |
| CVE-2024-32820 | 2024-06-09 | WordPress Social Share Icons & Social Share Buttons plugin <= 3.6.2 - Broken Access Control lead to Notice Dismissal vulnerability |
| CVE-2024-32818 | 2024-06-09 | WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.3 - Broken Access Control vulnerability |
| CVE-2024-32814 | 2024-06-09 | WordPress Advanced Local Pickup for WooCommerce plugin <= 1.6.1 - Broken Access Control vulnerability |
| CVE-2024-32813 | 2024-06-09 | WordPress Integrate Google Drive plugin <= 1.3.9 - Broken Access Control vulnerability |
| CVE-2024-32811 | 2024-06-09 | WordPress USPS Shipping for WooCommerce – Live Rates plugin <= 1.9.4 - Sensitive Data Exposure via Log File vulnerability |
| CVE-2024-32805 | 2024-06-09 | WordPress Social Snap plugin <= 1.3.5 - Broken Access Control vulnerability |
| CVE-2024-32804 | 2024-06-09 | WordPress WP GoToWebinar plugin <= 14.46 - Broken Access Control vulnerability |
| CVE-2024-32799 | 2024-06-09 | WordPress Easy Property Listings plugin <= 3.5.3 - Broken Access Control vulnerability |
| CVE-2024-32798 | 2024-06-09 | WordPress WP Travel Engine plugin <= 5.8.0 - Price Manipulation vulnerability |
| CVE-2024-32797 | 2024-06-09 | WordPress WP LinkedIn Auto Publish plugin <= 8.11 - Broken Access Control vulnerability |
| CVE-2024-32792 | 2024-06-09 | WordPress Hummingbird plugin <= 3.7.3 - Broken Access Control vulnerability |
| CVE-2024-32787 | 2024-06-09 | WordPress Secure Copy Content Protection and Content Locking plugin <= 3.7.1 - Broken Access Control vulnerability |
| CVE-2024-32784 | 2024-06-09 | WordPress CookieHub plugin <= 1.1.0 - Broken Access Control vulnerability |
| CVE-2024-32783 | 2024-06-09 | WordPress Advanced Testimonial Carousel for Elementor plugin <= 3.0.0 - Broken Access Control vulnerability |
| CVE-2024-32779 | 2024-06-09 | WordPress Vision – Image Map Builder plugin <= 1.7.1 - Broken Access Control vulnerability |
| CVE-2024-32778 | 2024-06-09 | WordPress Contest Gallery plugin <= 21.3.4 - Arbitrary File Deletion vulnerability |
| CVE-2024-32777 | 2024-06-09 | WordPress BizPrint plugin <= 4.3.39 - Broken Access Control vulnerability |
| CVE-2024-32727 | 2024-06-09 | WordPress RomethemeForm For Elementor plugin <= 1.1.2 - Broken Access Control vulnerability |