CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31266 – WordPress Advanced Order Export For WooCommerce plugin <= 3.4.4 - Remote Code Execution (RCE) vulnerability
https://notcve.org/view.php?id=CVE-2024-31266
Improper Control of Generation of Code ('Code Injection') vulnerability in AlgolPlus Advanced Order Export For WooCommerce allows Code Injection.This issue affects Advanced Order Export For WooCommerce: from n/a through 3.4.4. ... The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.4.4. This makes it possible for authenticated attackers, with shop manager-level access and above, to execute code on the server. • https://patchstack.com/database/vulnerability/woo-order-export-lite/wordpress-advanced-order-export-for-woocommerce-plugin-3-4-4-remote-code-execution-vulnerability? • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-29672
https://notcve.org/view.php?id=CVE-2024-29672
Directory Traversal vulnerability in zly2006 Reden before v.0.2.514 allows a remote attacker to execute arbitrary code via the DEBUG_RTC_REQUEST_SYNC_DATA in KeyCallbacks.kt. • https://gist.github.com/apple502j/193358682885fe1a6708309ce934e4ed https://github.com/zly2006/reden-is-what-we-made/commit/44c5320f0a1ccaa764dd91df6a12e747f81fe63a • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.6EPSS: 0%CPEs: 24EXPL: 1CVE-2024-31210 – PHP file upload bypass via Plugin installer
https://notcve.org/view.php?id=CVE-2024-31210
If the `DISALLOW_FILE_EDIT` constant is set to `true` on the site _and_ FTP credentials are required when uploading a new theme or plugin, then this technically allows an RCE when the user would otherwise have no means of executing arbitrary PHP code. This issue _only_ affects Administrator level users on single site installations, and Super Admin level users on Multisite installations where it's otherwise expected that the user does not have permission to upload or execute arbitrary PHP code. ... Si la constante `DISALLOW_FILE_EDIT` se establece en `true` en el sitio _y_ se requieren credenciales FTP al cargar un nuevo tema o complemento, entonces esto técnicamente permite un RCE cuando el usuario no tendría medios para ejecutar código PHP arbitrario. • https://github.com/Abo5/CVE-2024-31210 https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-x79f-xrjv-jx5r • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-25705 – Cross site scripting issue in embed widget
https://notcve.org/view.php?id=CVE-2024-25705
There is a cross site scripting vulnerability in the Esri Portal for ArcGIS Experience Builder 11.1 and below on Windows and Linux that allows a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are low. • https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2024-25709 – Self-XSS style in move item dialog
https://notcve.org/view.php?id=CVE-2024-25709
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS versions 10.8.1 – 1121 that may allow a remote, authenticated attacker to create a crafted link that can be saved as a new location when moving an existing item which will potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required to execute this attack are high. • https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •