CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54261 – WordPress TAX SERVICE Electronic HDM plugin <= 1.1.2 - SQL Injection vulnerability
https://notcve.org/view.php?id=CVE-2024-54261
The TAX SERVICE Electronic HDM plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.1.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. • https://patchstack.com/database/wordpress/plugin/virtual-hdm-for-taxservice-am/vulnerability/wordpress-tax-service-electronic-hdm-plugin-1-1-2-sql-injection-vulnerability? • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53822 – WordPress Pie Register Premium plugin < 3.8.3.3 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-53822
The Pie Register Premium plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to 3.8.3.3 (exclusive). • https://patchstack.com/database/wordpress/plugin/pie-register-premium/vulnerability/wordpress-pie-register-premium-plugin-3-8-3-3-arbitrary-file-upload-vulnerability? • CWE-434: Unrestricted Upload of File with Dangerous Type CWE-862: Missing Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-54214 – WordPress Revy plugin <= 1.18 - Unauthenticated Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-54214
The Revy plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.18. • https://patchstack.com/database/wordpress/plugin/revy/vulnerability/wordpress-revy-plugin-1-18-unauthenticated-arbitrary-file-upload-vulnerability? • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52490 – WordPress Pathomation plugin <= 2.5.1 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-52490
The Pathomation plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 2.5.1. • https://patchstack.com/database/wordpress/plugin/pathomation/vulnerability/wordpress-pathomation-plugin-2-5-1-arbitrary-file-upload-vulnerability? • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52476 – WordPress Fediverse Embeds plugin <= 1.5.3 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-52476
The Fediverse Embeds plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.5.3. • https://patchstack.com/database/wordpress/plugin/fediverse-embeds/vulnerability/wordpress-fediverse-embeds-plugin-1-5-3-arbitrary-file-upload-vulnerability? • CWE-434: Unrestricted Upload of File with Dangerous Type •