Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In January 2025
CVE-2024-11270
The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the 'sync-import-imgs' function and missing file type validation in all versions up to, and including, 1.33.24. This makes it possible for authenticated attackers, with subscriber-level access and above, to create arbitrary files that can lead to remote code execution.
CVSS Score
8.8
EPSS Score
0.036
Published
2025-01-08
CVE-2024-56454
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-01-08
CVE-2024-56455
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-01-08
CVE-2024-56456
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.8
EPSS Score
0.0
Published
2025-01-08
CVE-2024-54121
Startup control vulnerability in the ability module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVSS Score
6.2
EPSS Score
0.001
Published
2025-01-08
CVE-2024-56448
Vulnerability of improper access control in the home screen widget module Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.7
EPSS Score
0.0
Published
2025-01-08
CVE-2024-56449
Privilege escalation vulnerability in the Account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
6.6
EPSS Score
0.0
Published
2025-01-08
CVE-2024-56450
Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-01-08
CVE-2024-56451
Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-01-08
CVE-2024-56452
Vulnerability of input parameters not being verified during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-01-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved