In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in the National Vulnerability Database between November 19-20, 2024.
During this period, the National Vulnerability Database published 385 new Common Vulnerabilities and Exposures (CVEs), classified as follows:
Critical: 3
High: 49
Medium: 194
Low: 1
Severity Not Assigned: 138
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2024-21539
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Versions of the package @eslint/plugin-kit before 0.2.3 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by exploiting this vulnerability.
References: https://github.com/eslint/rewrite/commit/071be842f0bd58de4863cdf2ab86d60f49912abf
https://security.snyk.io/vuln/SNYK-JS-ESLINTPLUGINKIT-8340627
CWE-ID: CWE-1333
Common Platform Enumerations (CPE): Not Found
2. CVE-2024-8403
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 and later and FX5-ENET/IP versions 1.100 to 1.104 allows a remote attacker to cause a Denial of Service condition in Ethernet communication of the products by sending specially crafted SLMP packets.
References: https://jvn.jp/vu/JVNVU97790713/
https://www.cisa.gov/news-events/ics-advisories/icsa-24-324-01
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-009_en.pdf
CWE-ID: CWE-1287
Common Platform Enumerations (CPE): Not Found
3. CVE-2024-10388
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 2.7
Description: The WordPress GDPR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gdpr_firstname' and 'gdpr_lastname' parameters in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References: https://www.welaunch.io/en/product/wordpress-gdpr/#changelog
https://www.wordfence.com/threat-intel/vulnerabilities/id/bf707d9b-2b96-4d1b-b798-38f7fe958eaf?source=cve
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
4. CVE-2024-11036
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: The GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via the gamipress_get_user_earnings AJAX action in all versions up to, and including, 7.1.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
References: https://plugins.trac.wordpress.org/browser/gamipress/
https://plugins.trac.wordpress.org/browser/gamipress/tags/7.1.4/includes/functions.php#L693
https://plugins.trac.wordpress.org/browser/gamipress/tags/7.1.4/includes/functions.php#L702
https://wordpress.org/plugins/gamipress/#developers
https://www.wordfence.com/threat-intel/vulnerabilities/id/bad0cd3f-88ea-4a1d-b400-0a450b07a546?source=cve
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
5. CVE-2024-11038
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: The WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7 Popup plugin for WordPress is vulnerable to arbitrary shortcode execution via the wpb_pcf_fire_contact_form AJAX action in all versions up to, and including, 1.7.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
References: https://gist.github.com/wpbean/1a5abfea883621b4e150eab1362a420f
https://plugins.trac.wordpress.org/browser/wpb-popup-for-contact-form-7/tags/1.7.4/includes/class.ajax.php#L34
https://plugins.trac.wordpress.org/changeset/3188864/
https://wordpress.org/plugins/wpb-popup-for-contact-form-7/#developers
https://www.wordfence.com/threat-intel/vulnerabilities/id/a7faa800-3b29-4b79-8b94-1e7985acb50d?source=cve
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
6. CVE-2024-11194
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a misconfigured check on the 'rtcl_import_settings' function in all versions up to, and including, 3.1.15.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update limited arbitrary options on the WordPress site. This can be leveraged to update the Subscriber role with Administrator-level capabilities to gain administrative user access to a vulnerable site. The vulnerability is limited in that the option updated must have a value that is an array.
References: https://plugins.trac.wordpress.org/browser/classified-listing/tags/3.1.12/app/Controllers/Ajax/Import.php#L309
https://plugins.trac.wordpress.org/browser/classified-listing/tags/3.1.12/app/Controllers/Ajax/Import.php#L473
https://plugins.trac.wordpress.org/changeset/3189516/
https://www.wordfence.com/threat-intel/vulnerabilities/id/13d9a59f-1a1a-4936-a5ab-8a5e0c50303b?source=cve
CWE-ID: CWE-862
Common Platform Enumerations (CPE): Not Found
7. CVE-2024-10204
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Heap-based Buffer Overflow and Uninitialized Variable vulnerabilities exist in the X_B and SAT file reading procedure in eDrawings from Release SOLIDWORKS 2024 through Release SOLIDWORKS 2025. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted X_B or SAT file.
References: https://www.3ds.com/vulnerability/advisories
CWE-ID: CWE-122 CWE-457
Common Platform Enumerations (CPE): Not Found
8. CVE-2024-11075
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.0
Impact Score: 6.0
Description: A vulnerability in the Incoming Goods Suite allows a user with unprivileged access to the underlying system (e.g. local or via SSH) to escalate privileges to the administrative level, because component vendor Docker images run with root permissions. Exploiting this misconfiguration allows an attacker to gain administrative control over the whole system.
References: https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF
https://sick.com/psirt
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
https://www.first.org/cvss/calculator/3.1
https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0005.json
https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0005.pdf
CWE-ID: CWE-250
Common Platform Enumerations (CPE): Not Found
9. CVE-2024-50519
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visser Labs Jigoshop – Store Exporter allows Reflected XSS. This issue affects Jigoshop – Store Exporter: from n/a through 1.5.8.
References: https://patchstack.com/database/vulnerability/jigoshop-exporter/wordpress-jigoshop-store-exporter-plugin-1-5-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
10. CVE-2024-50522
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Redy Ru WeChat Subscribers Lite allows Reflected XSS. This issue affects WeChat Subscribers Lite: from n/a through 1.6.6.
References: https://patchstack.com/database/vulnerability/wechat-subscribers-lite/wordpress-wechat-subscribers-lite-plugin-1-6-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
11. CVE-2024-50532
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jerin K Alexander Events Manager Pro – extended allows Reflected XSS. This issue affects Events Manager Pro – extended: from n/a through 0.1.
References: https://patchstack.com/database/vulnerability/events-manager-pro-extended/wordpress-events-manager-pro-extended-plugin-0-1-csrf-to-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
12. CVE-2024-50533
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in David Garcia Domain Sharding allows Stored XSS. This issue affects Domain Sharding: from n/a through 1.2.1.
References: https://patchstack.com/database/vulnerability/domain-sharding/wordpress-domain-sharding-plugin-1-2-1-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
13. CVE-2024-50534
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Syed Umair Hussain Shah World Prayer Time allows Stored XSS. This issue affects World Prayer Time: from n/a through 2.0.
References: https://patchstack.com/database/vulnerability/world-prayer-time/wordpress-world-prayer-time-plugin-2-0-csrf-to-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
14. CVE-2024-51631
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Eftakhairul Islam Sticky Social Bar allows Cross Site Request Forgery. This issue affects Sticky Social Bar: from n/a through 2.0.
References: https://patchstack.com/database/vulnerability/sticky-social-bar/wordpress-sticky-social-bar-plugin-2-0-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
15. CVE-2024-51632
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Sam Hoe SH Slideshow allows Stored XSS. This issue affects SH Slideshow: from n/a through 4.3.
References: https://patchstack.com/database/vulnerability/sh-slideshow/wordpress-sh-slideshow-plugin-4-3-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
16. CVE-2024-51633
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in IvyCat Web Services Simple Page Specific Sidebars allows Stored XSS. This issue affects Simple Page Specific Sidebars: from n/a through 2.14.1.
References: https://patchstack.com/database/vulnerability/page-specific-sidebars/wordpress-simple-page-specific-sidebars-plugin-2-14-1-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
17. CVE-2024-51634
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Webriti WordPress Themes & Plugins Shop Webriti Custom Login allows Reflected XSS. This issue affects Webriti Custom Login: from n/a through 0.3.
References: https://patchstack.com/database/vulnerability/webriti-custom-login-page/wordpress-webriti-custom-login-plugin-0-3-csrf-to-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
18. CVE-2024-51635
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Garmur While Loading allows Stored XSS. This issue affects While Loading: from n/a through 3.0.
References: https://patchstack.com/database/vulnerability/while-it-is-loading/wordpress-while-loading-plugin-3-0-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
19. CVE-2024-51636
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Z.com by GMO GMO Social Connection allows Cross-Site Scripting (XSS). This issue affects GMO Social Connection: from n/a through 1.2.
References: https://patchstack.com/database/vulnerability/gmo-social-connection/wordpress-plugin-name-gmo-social-connection-plugin-1-2-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
20. CVE-2024-51637
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Scott E. Royalty Admin SMS Alert allows Stored XSS. This issue affects Admin SMS Alert: from n/a through 1.1.0.
References: https://patchstack.com/database/vulnerability/admin-sms-alert/wordpress-admin-sms-alert-plugin-1-1-0-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
21. CVE-2024-51638
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Sanjeev Mohindra Awesome Shortcodes For Genesis allows Stored XSS. This issue affects Awesome Shortcodes For Genesis: from n/a through .8.
References: https://patchstack.com/database/vulnerability/awesome-shortcodes-for-genesis/wordpress-awesome-shortcodes-for-genesis-plugin-1-1-8-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
22. CVE-2024-51639
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Hints Naver Blog allows Stored XSS. This issue affects Naver Blog: from n/a through 1.0.
References: https://patchstack.com/database/vulnerability/naver-blog-api/wordpress-naver-blog-plugin-1-0-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
23. CVE-2024-51640
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Matt Rude MDR Webmaster Tools allows Stored XSS. This issue affects MDR Webmaster Tools: from n/a through 1.1.
References: https://patchstack.com/database/vulnerability/mdr-webmaster-tools/wordpress-mdr-webmaster-tools-plugin-1-1-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
24. CVE-2024-51641
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in jcmlmorav Advanced PDF Generator allows Stored XSS. This issue affects Advanced PDF Generator: from n/a through 0.4.0.
References: https://patchstack.com/database/vulnerability/advanced-pdf-generator/wordpress-advanced-pdf-generator-plugin-0-4-0-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
25. CVE-2024-51642
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in webhostri Seo Free allows Stored XSS. This issue affects Seo Free: from n/a through 1.4.
References: https://patchstack.com/database/vulnerability/seo-free/wordpress-seo-free-plugin-1-4-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
26. CVE-2024-51643
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Rajan Agaskar Amazon Associate Filter allows Stored XSS. This issue affects Amazon Associate Filter: from n/a through 0.4.
References: https://patchstack.com/database/vulnerability/amazon-associate-filter/wordpress-amazon-associate-filter-plugin-0-4-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
27. CVE-2024-51644
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Sam Wilson Addressbook allows Stored XSS. This issue affects Addressbook: from n/a through 1.1.3.
References: https://patchstack.com/database/vulnerability/addressbook/wordpress-addressbook-plugin-1-1-3-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
28. CVE-2024-51645
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Themefuse ThemeFuse Maintenance Mode allows Stored XSS. This issue affects ThemeFuse Maintenance Mode: from n/a through 1.1.3.
References: https://patchstack.com/database/vulnerability/themefuse-maintenance-mode/wordpress-themefuse-maintenance-mode-plugin-1-1-3-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
29. CVE-2024-51648
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Hands, Inc e-shops allows Reflected XSS. This issue affects e-shops: from n/a through 1.0.3.
References: https://patchstack.com/database/vulnerability/e-shops-cart2/wordpress-e-shops-plugin-1-0-3-csrf-to-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
30. CVE-2024-51649
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Patrick Lumumba Mobilize allows Stored XSS. This issue affects Mobilize: from n/a through 3.0.7.
References: https://patchstack.com/database/vulnerability/mobilize/wordpress-mobilize-plugin-3-0-7-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
31. CVE-2024-51650
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Scott @ MyDollarPlan.com Random Featured Post allows Stored XSS. This issue affects Random Featured Post: from n/a through 1.1.3.
References: https://patchstack.com/database/vulnerability/random-featured-post-plugin/wordpress-random-featured-post-plugin-1-1-3-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
32. CVE-2024-51652
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Prem Nawaz Khan, Victor Tsaran, Ron Feathers, and Marc Kocher Skip To allows Stored XSS. This issue affects Skip To: from n/a through 2.0.0.
References: https://patchstack.com/database/vulnerability/skip-to/wordpress-skip-to-plugin-2-0-0-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
33. CVE-2024-51653
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Mario Spinaci UPDATE NOTIFICATIONS allows Stored XSS. This issue affects UPDATE NOTIFICATIONS: from n/a through 0.3.4.
References: https://patchstack.com/database/vulnerability/update-notifications/wordpress-update-notifications-plugin-0-3-4-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
34. CVE-2024-51654
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in APK.Support APK Downloader allows Stored XSS. This issue affects APK Downloader: from n/a through 1.0.0.
References: https://patchstack.com/database/vulnerability/apk-downloader/wordpress-apk-downloader-plugin-1-0-0-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
35. CVE-2024-51655
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Microkid Custom Author URL allows Stored XSS. This issue affects Custom Author URL: from n/a through 2.0.1.
References: https://patchstack.com/database/vulnerability/author-slug/wordpress-custom-author-url-plugin-2-0-1-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
36. CVE-2024-51656
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in litefeel Flash Show And Hide Box allows Stored XSS. This issue affects Flash Show And Hide Box: from n/a through 1.6.
References: https://patchstack.com/database/vulnerability/flash-show-and-hide-box/wordpress-flash-show-and-hide-box-plugin-1-6-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
37. CVE-2024-51657
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Woopy Plugins SmartLink Dynamic URLs allows Stored XSS. This issue affects SmartLink Dynamic URLs: from n/a through 1.1.0.
References: https://patchstack.com/database/vulnerability/smartlink-dinamic-urls/wordpress-smartlink-dynamic-urls-plugin-1-1-0-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
38. CVE-2024-52388
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Mike “Mikeage” Miller Hebrew Date allows Stored XSS. This issue affects Hebrew Date: from n/a through 2.1.0.
References: https://patchstack.com/database/vulnerability/hebrewdates/wordpress-hebrew-date-plugin-2-1-0-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
39. CVE-2024-52401
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: Cross-Site Request Forgery (CSRF) vulnerability in ???? Hacklog DownloadManager allows Upload a Web Shell to a Web Server. This issue affects Hacklog DownloadManager: from n/a through 2.1.4.
References: https://patchstack.com/database/vulnerability/hacklog-downloadmanager/wordpress-hacklog-downloadmanager-plugin-2-1-4-csrf-to-arbitrary-file-upload-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
40. CVE-2024-52402
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: Cross-Site Request Forgery (CSRF) vulnerability in Cliconomics Exclusive Content Password Protect allows Upload a Web Shell to a Web Server. This issue affects Exclusive Content Password Protect: from n/a through 1.1.0.
References: https://patchstack.com/database/vulnerability/exclusive-content-password-protect/wordpress-exclusive-content-password-protect-plugin-1-1-0-csrf-to-arbitrary-file-upload-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
41. CVE-2024-52421
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in wp-buy WP Popup Window Maker allows Stored XSS. This issue affects WP Popup Window Maker: from n/a through 2.0.
References: https://patchstack.com/database/vulnerability/easy-popup-lightbox-maker/wordpress-wp-popup-window-maker-plugin-2-0-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
42. CVE-2024-11003
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library (Modules::ScanDeps) which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps.
References: https://github.com/liske/needrestart/commit/0f80a348883f72279a859ee655f58da34babefb0
https://www.cve.org/CVERecord?id=CVE-2024-10224
https://www.cve.org/CVERecord?id=CVE-2024-11003
https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
43. CVE-2024-42450
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: The Versa Director uses PostgreSQL (Postgres) to store operational and configuration data. It is also needed for High Availability function of the Versa Director. The default configuration has a common password across all instances of Versa Director. By default, Versa Director configures Postgres to listen on all network interfaces. This combination allows an unauthenticated attacker to access and administer the database or read local filesystem contents to escalate privileges on the system.
Exploitation Status:
Versa Networks is not aware of this exploitation in any production systems. A proof of concept exists in the lab environment.
Workarounds or Mitigation:
Starting with the latest 22.1.4 version of Versa Director, the software will automatically restrict access to the Postgres and HA ports to only the local and peer Versa Directors. For older releases, Versa recommends performing manual hardening of HA ports. Please refer to the following link for the steps: https://docs.versa-networks.com/Solutions/System_Hardening/Perform_Manual_Hardening_for_Versa_Director#Secure_HA_Ports
This vulnerability is not exploitable on Versa Directors if published Firewall guidelines are implemented. We have validated that no Versa-hosted head ends have been affected by this vulnerability. All Versa-hosted head ends are patched and hardened.
Please contact Versa Technical Support or Versa account team for any further assistance.
Software Download Links:
22.1.4: https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4
References: https://security-portal.versa-networks.com/emailbulletins/6735a300415abb89e9a8a9d3
CWE-ID: CWE-798
Common Platform Enumerations (CPE): Not Found
44. CVE-2024-48990
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
References: https://github.com/liske/needrestart/commit/fcc9a4401392231bef4ef5ed026a0d7a275149ab
https://www.cve.org/CVERecord?id=CVE-2024-48990
https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
CWE-ID: CWE-427
Common Platform Enumerations (CPE): Not Found
45. CVE-2024-48991
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter).
References: https://github.com/liske/needrestart/commit/6ce6136cccc307c6b8a0f8cae12f9a22ac2aad59
https://www.cve.org/CVERecord?id=CVE-2024-48991
https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
46. CVE-2024-48992
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable.
References: https://github.com/liske/needrestart/commit/b5f25f6ec6e7dd0c5be249e4e45de4ee9ffe594f
https://www.cve.org/CVERecord?id=CVE-2024-48992
https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
CWE-ID: CWE-427
Common Platform Enumerations (CPE): Not Found
47. CVE-2024-21697
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: This High severity RCE (Remote Code Execution) vulnerability was introduced in version 4.2.8 of Sourcetree for Mac and version 3.4.19 of Sourcetree for Windows.
This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.8, allows an unauthenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction.
Atlassian recommends that Sourcetree for Mac and Sourcetree for Windows customers upgrade to the latest version; if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
Sourcetree for Mac 4.2: Upgrade to a release greater than or equal to 4.2.9
Sourcetree for Windows 3.4: Upgrade to a release greater than or equal to 3.4.20
See the release notes ([https://www.sourcetreeapp.com/download-archives]). You can download the latest version of Sourcetree for Mac and Sourcetree for Windows from the download center ([https://www.sourcetreeapp.com/download-archives]).
This vulnerability was reported via our Penetration Testing program.
References: https://confluence.atlassian.com/pages/viewpage.action?pageId=1456179091
https://jira.atlassian.com/browse/SRCTREE-8168
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
48. CVE-2024-51503
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 1.3
Impact Score: 6.0
Description: A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain may be able to remotely inject commands to other machines in the same domain.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability locally and must have domain user privileges to affect other machines.
References: https://success.trendmicro.com/en-US/solution/KA-0018154
https://www.zerodayinitiative.com/advisories/ZDI-24-1516/
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
49. CVE-2024-11395
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
References: https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_19.html
https://issues.chromium.org/issues/377384894
CWE-ID: CWE-843
Common Platform Enumerations (CPE): Not Found
50. CVE-2024-45419
Base Score: 8.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.2
Description: Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via network access.
References: https://www.zoom.com/en/trust/security-bulletin/zsb-24041
CWE-ID: CWE-252
Common Platform Enumerations (CPE): Not Found
51. CVE-2024-52360
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.7
Description: IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.
References: https://www.ibm.com/support/pages/node/7176346
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
52. CVE-2024-52595
Base Score: 7.7
Base Severity: HIGH
Exploitability Score: 2.2
Impact Score: 5.5
Description: lxml_html_clean is a project for HTML cleaning functionalities copied from `lxml.html.clean`. Prior to version 0.4.0, the HTML Parser in lxml does not properly handle context-switching for special HTML tags such as `
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between November 19-20, 2024.
During this period, The National Vulnerability Database published 385, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 3
High: 49
Medium: 194
Low: 1
Severity Not Assigned: 138
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2024-21539
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Versions of the package @eslint/plugin-kit before 0.2.3 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by exploiting this vulnerability.
References: https://github.com/eslint/rewrite/commit/071be842f0bd58de4863cdf2ab86d60f49912abf
https://security.snyk.io/vuln/SNYK-JS-ESLINTPLUGINKIT-8340627
CWE-ID: CWE-1333
Common Platform Enumerations (CPE): Not Found
2. CVE-2024-8403
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 and later and FX5-ENET/IP versions 1.100 to 1.104 allows a remote attacker to cause a Denial of Service condition in Ethernet communication of the products by sending specially crafted SLMP packets.
References: https://jvn.jp/vu/JVNVU97790713/
https://www.cisa.gov/news-events/ics-advisories/icsa-24-324-01
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-009_en.pdf
CWE-ID: CWE-1287
Common Platform Enumerations (CPE): Not Found
3. CVE-2024-10388
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 2.7
Description: The WordPress GDPR plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gdpr_firstname' and 'gdpr_lastname' parameters in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References: https://www.welaunch.io/en/product/wordpress-gdpr/#changelog
https://www.wordfence.com/threat-intel/vulnerabilities/id/bf707d9b-2b96-4d1b-b798-38f7fe958eaf?source=cve
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
4. CVE-2024-11036
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: The The GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via gamipress_get_user_earnings AJAX action in all versions up to, and including, 7.1.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
References: https://plugins.trac.wordpress.org/browser/gamipress/
https://plugins.trac.wordpress.org/browser/gamipress/tags/7.1.4/includes/functions.php#L693
https://plugins.trac.wordpress.org/browser/gamipress/tags/7.1.4/includes/functions.php#L702
https://wordpress.org/plugins/gamipress/#developers
https://www.wordfence.com/threat-intel/vulnerabilities/id/bad0cd3f-88ea-4a1d-b400-0a450b07a546?source=cve
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
5. CVE-2024-11038
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: The The WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7 Popup plugin for WordPress is vulnerable to arbitrary shortcode execution via wpb_pcf_fire_contact_form AJAX action in all versions up to, and including, 1.7.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
References: https://gist.github.com/wpbean/1a5abfea883621b4e150eab1362a420f
https://plugins.trac.wordpress.org/browser/wpb-popup-for-contact-form-7/tags/1.7.4/includes/class.ajax.php#L34
https://plugins.trac.wordpress.org/changeset/3188864/
https://wordpress.org/plugins/wpb-popup-for-contact-form-7/#developers
https://www.wordfence.com/threat-intel/vulnerabilities/id/a7faa800-3b29-4b79-8b94-1e7985acb50d?source=cve
CWE-ID: CWE-94
Common Platform Enumerations (CPE): Not Found
6. CVE-2024-11194
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: The Classified Listing – Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a misconfigured check on the 'rtcl_import_settings' function in all versions up to, and including, 3.1.15.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update limited arbitrary options on the WordPress site. This can be leveraged to update the Subscriber role with Administrator-level capabilities to gain administrative user access to a vulnerable site. The vulnerability is limited in that the option updated must have a value that is an array.
References: https://plugins.trac.wordpress.org/browser/classified-listing/tags/3.1.12/app/Controllers/Ajax/Import.php#L309
https://plugins.trac.wordpress.org/browser/classified-listing/tags/3.1.12/app/Controllers/Ajax/Import.php#L473
https://plugins.trac.wordpress.org/changeset/3189516/
https://www.wordfence.com/threat-intel/vulnerabilities/id/13d9a59f-1a1a-4936-a5ab-8a5e0c50303b?source=cve
CWE-ID: CWE-862
Common Platform Enumerations (CPE): Not Found
7. CVE-2024-10204
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Heap-based Buffer Overflow and Uninitialized Variable vulnerabilities exist in the X_B and SAT file reading procedure in eDrawings from Release SOLIDWORKS 2024 through Release SOLIDWORKS 2025. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted X_B or SAT file.
References: https://www.3ds.com/vulnerability/advisories
CWE-ID: CWE-122 CWE-457
Common Platform Enumerations (CPE): Not Found
8. CVE-2024-11075
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.0
Impact Score: 6.0
Description: A vulnerability in the Incoming Goods Suite allows a user with unprivileged access to the underlying system (e.g. local or via SSH) a privilege escalation to the administrative level due to the usage of component vendor Docker images running with root permissions. Exploiting this misconfiguration leads to the fact that an attacker can gain administrative control. over the whole system.
References: https://cdn.sick.com/media/docs/1/11/411/Special_information_CYBERSECURITY_BY_SICK_en_IM0084411.PDF
https://sick.com/psirt
https://www.cisa.gov/resources-tools/resources/ics-recommended-practices
https://www.first.org/cvss/calculator/3.1
https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0005.json
https://www.sick.com/.well-known/csaf/white/2024/sca-2024-0005.pdf
CWE-ID: CWE-250
Common Platform Enumerations (CPE): Not Found
9. CVE-2024-50519
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Visser Labs Jigoshop – Store Exporter allows Reflected XSS.This issue affects Jigoshop – Store Exporter: from n/a through 1.5.8.
References: https://patchstack.com/database/vulnerability/jigoshop-exporter/wordpress-jigoshop-store-exporter-plugin-1-5-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
10. CVE-2024-50522
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Redy Ru WeChat Subscribers Lite allows Reflected XSS.This issue affects WeChat Subscribers Lite : from n/a through 1.6.6.
References: https://patchstack.com/database/vulnerability/wechat-subscribers-lite/wordpress-wechat-subscribers-lite-plugin-1-6-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
11. CVE-2024-50532
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jerin K Alexander Events Manager Pro – extended allows Reflected XSS.This issue affects Events Manager Pro – extended: from n/a through 0.1.
References: https://patchstack.com/database/vulnerability/events-manager-pro-extended/wordpress-events-manager-pro-extended-plugin-0-1-csrf-to-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
12. CVE-2024-50533
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in David Garcia Domain Sharding allows Stored XSS.This issue affects Domain Sharding: from n/a through 1.2.1.
References: https://patchstack.com/database/vulnerability/domain-sharding/wordpress-domain-sharding-plugin-1-2-1-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
13. CVE-2024-50534
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Syed Umair Hussain Shah World Prayer Time allows Stored XSS.This issue affects World Prayer Time: from n/a through 2.0.
References: https://patchstack.com/database/vulnerability/world-prayer-time/wordpress-world-prayer-time-plugin-2-0-csrf-to-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
14. CVE-2024-51631
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Eftakhairul Islam Sticky Social Bar allows Cross Site Request Forgery.This issue affects Sticky Social Bar: from n/a through 2.0.
References: https://patchstack.com/database/vulnerability/sticky-social-bar/wordpress-sticky-social-bar-plugin-2-0-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
15. CVE-2024-51632
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Sam Hoe SH Slideshow allows Stored XSS.This issue affects SH Slideshow: from n/a through 4.3.
References: https://patchstack.com/database/vulnerability/sh-slideshow/wordpress-sh-slideshow-plugin-4-3-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
16. CVE-2024-51633
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in IvyCat Web Services Simple Page Specific Sidebars allows Stored XSS.This issue affects Simple Page Specific Sidebars: from n/a through 2.14.1.
References: https://patchstack.com/database/vulnerability/page-specific-sidebars/wordpress-simple-page-specific-sidebars-plugin-2-14-1-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
17. CVE-2024-51634
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Webriti WordPress Themes & Plugins Shop Webriti Custom Login allows Reflected XSS.This issue affects Webriti Custom Login: from n/a through 0.3.
References: https://patchstack.com/database/vulnerability/webriti-custom-login-page/wordpress-webriti-custom-login-plugin-0-3-csrf-to-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
18. CVE-2024-51635
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Garmur While Loading allows Stored XSS.This issue affects While Loading: from n/a through 3.0.
References: https://patchstack.com/database/vulnerability/while-it-is-loading/wordpress-while-loading-plugin-3-0-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
19. CVE-2024-51636
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Z.com by GMO GMO Social Connection allows Cross-Site Scripting (XSS).This issue affects GMO Social Connection: from n/a through 1.2.
References: https://patchstack.com/database/vulnerability/gmo-social-connection/wordpress-plugin-name-gmo-social-connection-plugin-1-2-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
20. CVE-2024-51637
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Scott E. Royalty Admin SMS Alert allows Stored XSS.This issue affects Admin SMS Alert: from n/a through 1.1.0.
References: https://patchstack.com/database/vulnerability/admin-sms-alert/wordpress-admin-sms-alert-plugin-1-1-0-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
21. CVE-2024-51638
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Sanjeev Mohindra Awesome Shortcodes For Genesis allows Stored XSS.This issue affects Awesome Shortcodes For Genesis: from n/a through .8.
References: https://patchstack.com/database/vulnerability/awesome-shortcodes-for-genesis/wordpress-awesome-shortcodes-for-genesis-plugin-1-1-8-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
22. CVE-2024-51639
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Hints Naver Blog allows Stored XSS.This issue affects Naver Blog: from n/a through 1.0.
References: https://patchstack.com/database/vulnerability/naver-blog-api/wordpress-naver-blog-plugin-1-0-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
23. CVE-2024-51640
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Matt Rude MDR Webmaster Tools allows Stored XSS.This issue affects MDR Webmaster Tools: from n/a through 1.1.
References: https://patchstack.com/database/vulnerability/mdr-webmaster-tools/wordpress-mdr-webmaster-tools-plugin-1-1-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
24. CVE-2024-51641
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in jcmlmorav Advanced PDF Generator allows Stored XSS.This issue affects Advanced PDF Generator: from n/a through 0.4.0.
References: https://patchstack.com/database/vulnerability/advanced-pdf-generator/wordpress-advanced-pdf-generator-plugin-0-4-0-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
25. CVE-2024-51642
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in webhostri Seo Free allows Stored XSS.This issue affects Seo Free: from n/a through 1.4.
References: https://patchstack.com/database/vulnerability/seo-free/wordpress-seo-free-plugin-1-4-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
26. CVE-2024-51643
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Rajan Agaskar Amazon Associate Filter allows Stored XSS.This issue affects Amazon Associate Filter: from n/a through 0.4.
References: https://patchstack.com/database/vulnerability/amazon-associate-filter/wordpress-amazon-associate-filter-plugin-0-4-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
27. CVE-2024-51644
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Sam Wilson Addressbook allows Stored XSS.This issue affects Addressbook: from n/a through 1.1.3.
References: https://patchstack.com/database/vulnerability/addressbook/wordpress-addressbook-plugin-1-1-3-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
28. CVE-2024-51645
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Themefuse ThemeFuse Maintenance Mode allows Stored XSS.This issue affects ThemeFuse Maintenance Mode: from n/a through 1.1.3.
References: https://patchstack.com/database/vulnerability/themefuse-maintenance-mode/wordpress-themefuse-maintenance-mode-plugin-1-1-3-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
29. CVE-2024-51648
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Hands, Inc e-shops allows Reflected XSS.This issue affects e-shops: from n/a through 1.0.3.
References: https://patchstack.com/database/vulnerability/e-shops-cart2/wordpress-e-shops-plugin-1-0-3-csrf-to-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
30. CVE-2024-51649
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Patrick Lumumba Mobilize allows Stored XSS.This issue affects Mobilize: from n/a through 3.0.7.
References: https://patchstack.com/database/vulnerability/mobilize/wordpress-mobilize-plugin-3-0-7-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
31. CVE-2024-51650
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Scott @ MyDollarPlan.com Random Featured Post allows Stored XSS.This issue affects Random Featured Post: from n/a through 1.1.3.
References: https://patchstack.com/database/vulnerability/random-featured-post-plugin/wordpress-random-featured-post-plugin-1-1-3-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
32. CVE-2024-51652
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Prem Nawaz Khan, Victor Tsaran, Ron Feathers, and Marc Kocher Skip To allows Stored XSS.This issue affects Skip To: from n/a through 2.0.0.
References: https://patchstack.com/database/vulnerability/skip-to/wordpress-skip-to-plugin-2-0-0-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
33. CVE-2024-51653
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Mario Spinaci UPDATE NOTIFICATIONS allows Stored XSS.This issue affects UPDATE NOTIFICATIONS: from n/a through 0.3.4.
References: https://patchstack.com/database/vulnerability/update-notifications/wordpress-update-notifications-plugin-0-3-4-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
34. CVE-2024-51654
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in APK.Support APK Downloader allows Stored XSS.This issue affects APK Downloader: from n/a through 1.0.0.
References: https://patchstack.com/database/vulnerability/apk-downloader/wordpress-apk-downloader-plugin-1-0-0-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
35. CVE-2024-51655
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Microkid Custom Author URL allows Stored XSS.This issue affects Custom Author URL: from n/a through 2.0.1.
References: https://patchstack.com/database/vulnerability/author-slug/wordpress-custom-author-url-plugin-2-0-1-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
36. CVE-2024-51656
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in litefeel Flash Show And Hide Box allows Stored XSS.This issue affects Flash Show And Hide Box: from n/a through 1.6.
References: https://patchstack.com/database/vulnerability/flash-show-and-hide-box/wordpress-flash-show-and-hide-box-plugin-1-6-csrf-to-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
37. CVE-2024-51657
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Woopy Plugins SmartLink Dynamic URLs allows Stored XSS.This issue affects SmartLink Dynamic URLs: from n/a through 1.1.0.
References: https://patchstack.com/database/vulnerability/smartlink-dinamic-urls/wordpress-smartlink-dynamic-urls-plugin-1-1-0-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
38. CVE-2024-52388
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in Mike “Mikeage” Miller Hebrew Date allows Stored XSS.This issue affects Hebrew Date: from n/a through 2.1.0.
References: https://patchstack.com/database/vulnerability/hebrewdates/wordpress-hebrew-date-plugin-2-1-0-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
39. CVE-2024-52401
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: Cross-Site Request Forgery (CSRF) vulnerability in ???? Hacklog DownloadManager allows Upload a Web Shell to a Web Server.This issue affects Hacklog DownloadManager: from n/a through 2.1.4.
References: https://patchstack.com/database/vulnerability/hacklog-downloadmanager/wordpress-hacklog-downloadmanager-plugin-2-1-4-csrf-to-arbitrary-file-upload-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
40. CVE-2024-52402
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: Cross-Site Request Forgery (CSRF) vulnerability in Cliconomics Exclusive Content Password Protect allows Upload a Web Shell to a Web Server.This issue affects Exclusive Content Password Protect: from n/a through 1.1.0.
References: https://patchstack.com/database/vulnerability/exclusive-content-password-protect/wordpress-exclusive-content-password-protect-plugin-1-1-0-csrf-to-arbitrary-file-upload-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
41. CVE-2024-52421
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Cross-Site Request Forgery (CSRF) vulnerability in wp-buy WP Popup Window Maker allows Stored XSS.This issue affects WP Popup Window Maker: from n/a through 2.0.
References: https://patchstack.com/database/vulnerability/easy-popup-lightbox-maker/wordpress-wp-popup-window-maker-plugin-2-0-csrf-to-stored-xss-vulnerability?_s_id=cve
CWE-ID: CWE-352
Common Platform Enumerations (CPE): Not Found
42. CVE-2024-11003
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library (Modules::ScanDeps) which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps.
References: https://github.com/liske/needrestart/commit/0f80a348883f72279a859ee655f58da34babefb0
https://www.cve.org/CVERecord?id=CVE-2024-10224
https://www.cve.org/CVERecord?id=CVE-2024-11003
https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
43. CVE-2024-42450
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: The Versa Director uses PostgreSQL (Postgres) to store operational and configuration data. It is also needed for High Availability function of the Versa Director. The default configuration has a common password across all instances of Versa Director. By default, Versa Director configures Postgres to listen on all network interfaces. This combination allows an unauthenticated attacker to access and administer the database or read local filesystem contents to escalate privileges on the system.
Exploitation Status:
Versa Networks is not aware of this exploitation in any production systems. A proof of concept exists in the lab environment.
Workarounds or Mitigation:
Starting with the latest 22.1.4 version of Versa Director, the software will automatically restrict access to the Postgres and HA ports to only the local and peer Versa Directors. For older releases, Versa recommends performing manual hardening of HA ports. Please refer to the following link for the steps https://docs.versa-networks.com/Solutions/System_Hardening/Perform_Manual_Hardening_for_Versa_Director#Secure_HA_Ports
This vulnerability is not exploitable on Versa Directors if published Firewall guidelines are implemented. We have validated that no Versa-hosted head ends have been affected by this vulnerability. All Versa-hosted head ends are patched and hardened.
Please contact Versa Technical Support or Versa account team for any further assistance.
Software Download Links:
22.1.4: https://support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4
References: https://security-portal.versa-networks.com/emailbulletins/6735a300415abb89e9a8a9d3
CWE-ID: CWE-798
Common Platform Enumerations (CPE): Not Found
44. CVE-2024-48990
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.
References: https://github.com/liske/needrestart/commit/fcc9a4401392231bef4ef5ed026a0d7a275149ab
https://www.cve.org/CVERecord?id=CVE-2024-48990
https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
CWE-ID: CWE-427
Common Platform Enumerations (CPE): Not Found
45. CVE-2024-48991
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by winning a race condition and tricking needrestart into running their own, fake Python interpreter (instead of the system's real Python interpreter).
References: https://github.com/liske/needrestart/commit/6ce6136cccc307c6b8a0f8cae12f9a22ac2aad59
https://www.cve.org/CVERecord?id=CVE-2024-48991
https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
46. CVE-2024-48992
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable.
References: https://github.com/liske/needrestart/commit/b5f25f6ec6e7dd0c5be249e4e45de4ee9ffe594f
https://www.cve.org/CVERecord?id=CVE-2024-48992
https://www.qualys.com/2024/11/19/needrestart/needrestart.txt
CWE-ID: CWE-427
Common Platform Enumerations (CPE): Not Found
47. CVE-2024-21697
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 4.2.8 of Sourcetree for Mac and 3.4.19 for Sourcetree for Windows.
This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.8, allows an unauthenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction.
Atlassian recommends that Sourcetree for Mac and Sourcetree for Windows customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
Sourcetree for Mac 4.2: Upgrade to a release greater than or equal to 4.2.9
Sourcetree for Windows 3.4: Upgrade to a release greater than or equal to 3.4.20
See the release notes ([https://www.sourcetreeapp.com/download-archives]). You can download the latest version of Sourcetree for Mac and Sourcetree for Windows from the download center ([https://www.sourcetreeapp.com/download-archives]).
This vulnerability was reported via our Penetration Testing program.
References: https://confluence.atlassian.com/pages/viewpage.action?pageId=1456179091
https://jira.atlassian.com/browse/SRCTREE-8168
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
48. CVE-2024-51503
Base Score: 8.0
Base Severity: HIGH
Exploitability Score: 1.3
Impact Score: 6.0
Description: A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers who have legitimate access to the domain may be able to remotely inject commands into other machines in the same domain.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability locally and must have domain user privileges to affect other machines.
References: https://success.trendmicro.com/en-US/solution/KA-0018154
https://www.zerodayinitiative.com/advisories/ZDI-24-1516/
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
49. CVE-2024-11395
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
References: https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_19.html
https://issues.chromium.org/issues/377384894
CWE-ID: CWE-843
Common Platform Enumerations (CPE): Not Found
50. CVE-2024-45419
Base Score: 8.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.2
Description: Improper input validation in some Zoom Apps may allow an unauthenticated user to disclose information via network access.
References: https://www.zoom.com/en/trust/security-bulletin/zsb-24041
CWE-ID: CWE-252
Common Platform Enumerations (CPE): Not Found
51. CVE-2024-52360
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.7
Description: IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.
References: https://www.ibm.com/support/pages/node/7176346
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
52. CVE-2024-52595
Base Score: 7.7
Base Severity: HIGH
Exploitability Score: 2.2
Impact Score: 5.5
Description: lxml_html_clean is a project for HTML cleaning functionalities copied from `lxml.html.clean`. Prior to version 0.4.0, the HTML Parser in lxml does not properly handle context-switching for special HTML tags such as `