In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in the National Vulnerability Database between August 19-20, 2024.
During this period, the National Vulnerability Database published 76 new Common Vulnerabilities and Exposures (CVEs), classified by severity as follows:
Critical: 15
High: 14
Medium: 23
Low: 1
Severity Not Assigned: 23
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2024-44076
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: In Microcks before 1.10.0, the POST /api/import and POST /api/export endpoints allow non-administrator access.
References: https://github.com/microcks/microcks/compare/1.9.1-fix-1...1.10.0
https://github.com/microcks/microcks/issues/1212
https://github.com/microcks/microcks/releases/tag/1.10.0
CWE-ID: CWE-269
Common Platform Enumerations (CPE): Not Found
2. CVE-2024-44083
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked. NOTE: in many use cases, this is an inconvenience but not a security issue.
References: https://github.com/Azvanzed/IdaMeme
CWE-ID: CWE-400
Common Platform Enumerations (CPE): Not Found
3. CVE-2024-6330
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: The GEO my WP WordPress plugin before 4.5.0.2 does not prevent unauthenticated attackers from including arbitrary files in PHP's execution context, which leads to Remote Code Execution.
References: https://wpscan.com/vulnerability/95b532e0-1ffb-421e-b9c0-de03f89491d7/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
4. CVE-2024-6451
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 1.2
Impact Score: 5.9
Description: AI Engine < 2.4.3 is susceptible to remote-code-execution (RCE) via Log Poisoning. The AI Engine WordPress plugin before 2.5.1 fails to validate the file extension of "logs_path", allowing Administrators to change log filetypes from .log to .php.
References: https://wpscan.com/vulnerability/fc06d413-a227-470c-a5b7-cdab57aeab34/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
5. CVE-2024-43399
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 2.1
Impact Score: 5.9
Description: Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Before 4.0.7, there is a flaw in the Static Libraries analysis section. Specifically, during the extraction of .a extension files, the measure intended to prevent Zip Slip attacks is improperly implemented. Since the implemented measure can be bypassed, the vulnerability allows an attacker to extract files to any desired location within the server running MobSF. This vulnerability is fixed in 4.0.7.
References: https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/cc625fe8430f3437a473e82aa2966d100a4dc883
https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-4hh3-vj32-gr6j
CWE-ID: CWE-23
Common Platform Enumerations (CPE): Not Found
6. CVE-2024-32927
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: In sendDeviceState_1_6 of RadioExt.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
References: https://source.android.com/security/bulletin/pixel/2024-08-01
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
7. CVE-2024-37099
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: Deserialization of Untrusted Data vulnerability in Liquid Web GiveWP allows Object Injection. This issue affects GiveWP: from n/a through 3.14.1.
References: https://patchstack.com/database/vulnerability/give/wordpress-givewp-plugin-3-14-1-unauthenticated-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
8. CVE-2024-42658
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the cookie's parameter.
References: https://github.com/sudo-subho/CVE-2024-42658
https://www.linkedin.com/in/subhodeep-baroi-397629252/
https://x.com/sudo_subho
CWE-ID: CWE-200
Common Platform Enumerations (CPE): Not Found
9. CVE-2024-43221
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 6.0
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Crocoblock JetGridBuilder allows PHP Local File Inclusion. This issue affects JetGridBuilder: from n/a through 1.1.2.
References: https://patchstack.com/database/vulnerability/jetgridbuilder/wordpress-jetgridbuilder-plugin-1-1-2-local-file-inclusion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
10. CVE-2024-43232
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 6.0
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP OnlineSupport, Essential Plugin Timeline and History slider allows PHP Local File Inclusion. This issue affects Timeline and History slider: from n/a through 2.3.
References: https://patchstack.com/database/vulnerability/timeline-and-history-slider/wordpress-timeline-and-history-slider-plugin-2-3-local-file-inclusion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
11. CVE-2024-43240
Base Score: 9.4
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.5
Description: Improper Privilege Management vulnerability in azzaroco Ultimate Membership Pro allows Privilege Escalation. This issue affects Ultimate Membership Pro: from n/a through 12.6.
References: https://patchstack.com/database/vulnerability/indeed-membership-pro/wordpress-indeed-ultimate-membership-pro-plugin-12-6-unauthenticated-privilege-escalation-vulnerability?_s_id=cve
CWE-ID: CWE-269
Common Platform Enumerations (CPE): Not Found
12. CVE-2024-43400
Base Score: 9.0
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible for a user without Script or Programming rights to craft a URL pointing to a page with arbitrary JavaScript. This requires social engineering to trick a user into following the URL. This has been patched in XWiki 14.10.21, 15.5.5, 15.10.6 and 16.0.0.
References: https://github.com/xwiki/xwiki-platform/commit/27eca8423fc1ad177518077a733076821268509c
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-wcg9-pgqv-xm5v
https://jira.xwiki.org/browse/XWIKI-21810
CWE-ID: CWE-96
Common Platform Enumerations (CPE): Not Found
13. CVE-2024-43401
Base Score: 9.0
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A user without script/programming rights can trick a user with elevated rights into editing content with a malicious payload using a WYSIWYG editor. The user with elevated rights is not warned beforehand that they are going to edit possibly dangerous content. The payload is executed at edit time. This vulnerability has been patched in XWiki 15.10RC1.
References: https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-f963-4cq8-2gw7
https://jira.xwiki.org/browse/XWIKI-20331
https://jira.xwiki.org/browse/XWIKI-21311
https://jira.xwiki.org/browse/XWIKI-21481
https://jira.xwiki.org/browse/XWIKI-21482
https://jira.xwiki.org/browse/XWIKI-21483
https://jira.xwiki.org/browse/XWIKI-21484
https://jira.xwiki.org/browse/XWIKI-21485
https://jira.xwiki.org/browse/XWIKI-21486
https://jira.xwiki.org/browse/XWIKI-21487
https://jira.xwiki.org/browse/XWIKI-21488
https://jira.xwiki.org/browse/XWIKI-21489
https://jira.xwiki.org/browse/XWIKI-21490
CWE-ID: CWE-269
Common Platform Enumerations (CPE): Not Found
14. CVE-2024-43242
Base Score: 9.0
Base Severity: CRITICAL
Exploitability Score: 2.2
Impact Score: 6.0
Description: Deserialization of Untrusted Data vulnerability in azzaroco Ultimate Membership Pro allows Object Injection. This issue affects Ultimate Membership Pro: from n/a through 12.6.
References: https://patchstack.com/database/vulnerability/indeed-membership-pro/wordpress-indeed-ultimate-membership-pro-plugin-12-6-unauthenticated-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
15. CVE-2024-43245
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation. This issue affects JobSearch: from n/a through 2.3.4.
References: https://patchstack.com/database/vulnerability/wp-jobsearch/wordpress-jobsearch-plugin-2-3-4-unauthenticated-account-takeover-vulnerability?_s_id=cve
CWE-ID: CWE-269
Common Platform Enumerations (CPE): Not Found
16. CVE-2024-43247
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Missing Authorization vulnerability in creativeon WHMpress allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WHMpress: from n/a through 6.2-revision-5.
References: https://patchstack.com/database/vulnerability/whmpress/wordpress-whmpress-plugin-6-2-revision-5-subscriber-arbitrary-settings-change-vulnerability?_s_id=cve
CWE-ID: CWE-862
Common Platform Enumerations (CPE): Not Found
17. CVE-2024-43248
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.0
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bit Apps Bit Form Pro allows File Manipulation. This issue affects Bit Form Pro: from n/a through 2.6.4.
References: https://patchstack.com/database/vulnerability/bitformpro/wordpress-bit-form-pro-plugin-2-6-4-unauthenticated-arbitrary-file-deletion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
18. CVE-2024-43249
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form Pro allows Command Injection. This issue affects Bit Form Pro: from n/a through 2.6.4.
References: https://patchstack.com/database/vulnerability/bitformpro/wordpress-bit-form-pro-plugin-2-6-4-authenticated-arbitrary-file-upload-vulnerability?_s_id=cve
CWE-ID: CWE-434
Common Platform Enumerations (CPE): Not Found
19. CVE-2024-43250
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.2
Description: Incorrect Authorization vulnerability in Bit Apps Bit Form Pro bitformpro allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Bit Form Pro: from n/a through 2.6.4.
References: https://patchstack.com/database/vulnerability/bitformpro/wordpress-bit-form-pro-plugin-2-6-4-authenticated-plugin-settings-change-vulnerability?_s_id=cve
CWE-ID: CWE-863
Common Platform Enumerations (CPE): Not Found
20. CVE-2024-43252
Base Score: 9.0
Base Severity: CRITICAL
Exploitability Score: 2.2
Impact Score: 6.0
Description: Deserialization of Untrusted Data vulnerability in Crew HRM allows Object Injection. This issue affects Crew HRM: from n/a through 1.1.1.
References: https://patchstack.com/database/vulnerability/hr-management/wordpress-crew-hrm-plugin-1-1-1-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
21. CVE-2024-43256
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.2
Description: Missing Authorization vulnerability in nouthemes Leopard - WordPress offload media allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Leopard - WordPress offload media: from n/a through 2.0.36.
References: https://patchstack.com/database/vulnerability/leopard-wordpress-offload-media/wordpress-leopard-wordpress-offload-media-plugin-2-0-36-subscriber-plugin-settings-change-vulnerability?_s_id=cve
CWE-ID: CWE-862
Common Platform Enumerations (CPE): Not Found
22. CVE-2024-43261
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Hamed Naderfar Compute Links allows PHP Remote File Inclusion. This issue affects Compute Links: from n/a through 1.2.1.
References: https://patchstack.com/database/vulnerability/compute-links/wordpress-compute-links-plugin-1-2-1-remote-file-inclusion-vulnerability?_s_id=cve
CWE-ID: CWE-98
Common Platform Enumerations (CPE): Not Found
23. CVE-2024-43271
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 6.0
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themelocation Woo Products Widgets For Elementor allows PHP Local File Inclusion. This issue affects Woo Products Widgets For Elementor: from n/a through 2.0.0.
References: https://patchstack.com/database/vulnerability/woo-products-widgets-for-elementor/wordpress-widgets-for-woocommerce-products-on-elementor-plugin-2-0-0-local-file-inclusion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
24. CVE-2024-42813
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: In TRENDnet TEW-752DRU FW1.03B01, there is a buffer overflow vulnerability due to the lack of length verification for the service field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
References: https://gist.github.com/XiaoCurry/204680035c1efffa27d14956820ad928
CWE-ID: CWE-120
Common Platform Enumerations (CPE): Not Found
25. CVE-2024-43311
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Improper Privilege Management vulnerability in Geek Code Lab Login As Users allows Privilege Escalation. This issue affects Login As Users: from n/a through 1.4.2.
References: https://patchstack.com/database/vulnerability/login-as-users/wordpress-login-as-users-plugin-1-4-2-broken-authentication-vulnerability?_s_id=cve
CWE-ID: CWE-269
Common Platform Enumerations (CPE): Not Found
26. CVE-2024-43328
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 6.0
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPDeveloper EmbedPress allows PHP Local File Inclusion. This issue affects EmbedPress: from n/a through 4.0.9.
References: https://patchstack.com/database/vulnerability/embedpress/wordpress-embedpress-plugin-4-0-9-local-file-inclusion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
27. CVE-2024-43345
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 1.6
Impact Score: 5.9
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PluginOps Landing Page Builder allows PHP Local File Inclusion. This issue affects Landing Page Builder: from n/a through 1.5.2.0.
References: https://patchstack.com/database/vulnerability/page-builder-add/wordpress-landing-page-builder-plugin-1-5-2-0-local-file-inclusion-vulnerability?_s_id=cve
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
28. CVE-2024-43354
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Deserialization of Untrusted Data vulnerability in myCred allows Object Injection. This issue affects myCred: from n/a through 2.7.2.
References: https://patchstack.com/database/vulnerability/mycred/wordpress-mycred-plugin-2-7-2-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
29. CVE-2024-4785
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.7
Description: BT: Missing Check in LL_CONNECTION_UPDATE_IND Packet Leads to Division by Zero.
References: https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xcr5-5g98-mchp
CWE-ID: CWE-20, CWE-369
Common Platform Enumerations (CPE): Not Found