noviembre 2024 - Página 74 de 117

9 Nov 2024

CVE-2024-50524

Título es

CVE-2024-50524

Sáb, 09/11/2024 – 10:15

Tipo

CWE-89

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-50524

Descripción en

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in quyle91 Administrator Z allows Blind SQL Injection.This issue affects Administrator Z: from n/a through 2024.11.04.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

8.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/administrator-z/wordpress-administrator-z-plugin-2024-10-27-sql-injection-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51763

Título es

CVE-2024-51763

Sáb, 09/11/2024 – 10:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51763

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Biplob Adhikari Team Showcase and Slider – Team Members Builder allows Reflected XSS.This issue affects Team Showcase and Slider – Team Members Builder: from n/a through 1.3.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/team-showcase-ultimate/wordpress-team-showcase-and-slider-plugin-1-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51762

Título es

CVE-2024-51762

Sáb, 09/11/2024 – 10:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51762

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nightshift Creative PropertyShift allows Reflected XSS.This issue affects PropertyShift: from n/a through 1.0.0.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/propertyshift/wordpress-propertyshift-plugin-1-0-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-50544

Título es

CVE-2024-50544

Sáb, 09/11/2024 – 10:15

Tipo

CWE-89

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-50544

Descripción en

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Micah Blu RSVP ME allows SQL Injection.This issue affects RSVP ME: from n/a through 1.9.9.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

8.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/rsvp-me/wordpress-rsvp-me-plugin-1-9-9-sql-injection-vulnerability-2?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-50539

Título es

CVE-2024-50539

Sáb, 09/11/2024 – 10:15

Tipo

CWE-89

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-50539

Descripción en

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lodgix Lodgix.Com Vacation Rental Website Builder allows SQL Injection.This issue affects Lodgix.Com Vacation Rental Website Builder: from n/a through 3.9.73.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

8.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/lodgixcom-vacation-rental-listing-management-booking-plugin/wordpress-lodgix-com-vacation-rental-website-builder-plugin-3-9-73-sql-injection-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51778

Título es

CVE-2024-51778

Sáb, 09/11/2024 – 10:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51778

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Starfish Reviews Satisfaction Reports from Help Scout allows Reflected XSS.This issue affects Satisfaction Reports from Help Scout: from n/a through 2.0.3.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/happiness-reports-for-help-scout/wordpress-satisfaction-reports-from-help-scout-plugin-2-0-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51776

Título es

CVE-2024-51776

Sáb, 09/11/2024 – 10:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51776

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in samhotchkiss Daily Image allows Reflected XSS.This issue affects Daily Image: from n/a through 1.0.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/daily-image/wordpress-daily-image-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51781

Título es

CVE-2024-51781

Sáb, 09/11/2024 – 10:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51781

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Loop Now Technologies, Inc. Firework Shoppable Live Video allows Reflected XSS.This issue affects Firework Shoppable Live Video: from n/a through 6.3.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/firework-videos/wordpress-firework-shoppable-live-video-plugin-6-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51780

Título es

CVE-2024-51780

Sáb, 09/11/2024 – 10:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51780

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael DUMONTET eewee admin custom allows Reflected XSS.This issue affects eewee admin custom: from n/a through 1.8.2.4.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/eewee-admincustom/wordpress-eewee-admin-custom-plugin-1-8-2-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

9 Nov 2024

CVE-2024-51779

Título es

CVE-2024-51779

Sáb, 09/11/2024 – 10:15

Tipo

CWE-79

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2024-51779

Descripción en

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Stranger Studios (WordCamp Philly) Don't Break The Code allows Reflected XSS.This issue affects Don't Break The Code: from n/a through .3.1.

09/11/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)

7.10

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://patchstack.com/database/vulnerability/dont-break-the-code/wordpress-don-t-break-the-code-plugin-3-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

Enviar en el boletín

Off

Archivos mensuales: noviembre 2024