Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2024
CVE-2024-23500
Server-Side Request Forgery (SSRF) vulnerability in Kadence WP Gutenberg Blocks by Kadence Blocks.This issue affects Gutenberg Blocks by Kadence Blocks: from n/a through 3.2.19.
CVSS Score
7.7
EPSS Score
0.005
Published
2024-03-28
CVE-2023-36679
Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6.
CVSS Score
7.1
EPSS Score
0.002
Published
2024-03-28
CVE-2023-39313
Server-Side Request Forgery (SSRF) vulnerability in ThemeFusion Avada.This issue affects Avada: from n/a through 7.11.1.
CVSS Score
7.7
EPSS Score
0.003
Published
2024-03-28
CVE-2024-30241
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.1.
CVSS Score
8.5
EPSS Score
0.026
Published
2024-03-28
CVE-2024-30229
Deserialization of Untrusted Data vulnerability in GiveWP.This issue affects GiveWP: from n/a through 3.4.2.
CVSS Score
8.0
EPSS Score
0.005
Published
2024-03-28
CVE-2024-30230
Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For WooCommerce.This issue affects PDF Invoices and Packing Slips For WooCommerce: from n/a through 1.3.7.
CVSS Score
8.2
EPSS Score
0.002
Published
2024-03-28
CVE-2024-30236
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contest Gallery.This issue affects Contest Gallery: from n/a through 21.3.4.
CVSS Score
8.5
EPSS Score
0.004
Published
2024-03-28
CVE-2024-30223
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26.
CVSS Score
9.0
EPSS Score
0.008
Published
2024-03-28
CVE-2024-30224
Deserialization of Untrusted Data vulnerability in Wholesale Team WholesaleX.This issue affects WholesaleX: from n/a through 1.3.2.
CVSS Score
10.0
EPSS Score
0.005
Published
2024-03-28
CVE-2024-0672
The Pz-LinkCard WordPress plugin through 2.5.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
CVSS Score
7.1
EPSS Score
0.003
Published
2024-03-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved