CVSS: 6.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-48743
https://notcve.org/view.php?id=CVE-2024-48743
Cross Site Scripting vulnerability in Sentry v.6.0.9 allows a remote attacker to execute arbitrary code via the z parameter. • https://gist.github.com/rvismit/538232c3f258e468195febb69f3f2d3b • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-50473 – WordPress Ajar in5 Embed plugin <= 3.1.3 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-50473
This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://github.com/RandomRobbieBF/CVE-2024-50473 https://patchstack.com/database/vulnerability/ajar-productions-in5-embed/wordpress-ajar-in5-embed-plugin-3-1-3-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-50493 – WordPress Automatic Translation plugin <= 1.0.4 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-50493
This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://github.com/RandomRobbieBF/CVE-2024-50493 https://patchstack.com/database/vulnerability/automatic-translation/wordpress-automatic-translation-plugin-1-0-4-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-50482 – WordPress Woocommerce Product Design plugin <= 1.0.0 - Arbitrary File Upload vulnerability
https://notcve.org/view.php?id=CVE-2024-50482
This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://github.com/RandomRobbieBF/CVE-2024-50482 https://patchstack.com/database/vulnerability/woo-product-design/wordpress-woocommerce-product-design-plugin-1-0-0-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9932 – Wux Blog Editor <= 3.0.0 - Unauthenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-9932
This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://github.com/RandomRobbieBF/CVE-2024-9932 https://plugins.trac.wordpress.org/browser/wux-blog-editor/tags/3.0.0/External_Post_Editor.php#L675 https://www.wordfence.com/threat-intel/vulnerabilities/id/c2c0ab2d-1ba9-4a0a-b1fa-bacebe1034eb?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •