Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In March 2024
CVE-2024-2578
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPCoder WP Coder allows Stored XSS.This issue affects WP Coder: from n/a through 3.5.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-03-21
CVE-2024-27190
Missing Authorization vulnerability in Jean-David Daviet Download Media.This issue affects Download Media: from n/a through 1.4.2.
CVSS Score
4.3
EPSS Score
0.005
Published
2024-03-21
CVE-2024-27277
The private key for the IBM Storage Protect Plus Server 10.1.0 through 10.1.16 certificate can be disclosed, undermining the security of the certificate. IBM X-Force ID: 285205.
CVSS Score
6.2
EPSS Score
0.0
Published
2024-03-21
CVE-2024-27956
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0.
CVSS Score
9.9
EPSS Score
0.936
Published
2024-03-21
CVE-2024-27962
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Florian 'fkrauthan' Krauthan allows Reflected XSS.This issue affects wp-mpdf: from n/a through 3.7.1.
CVSS Score
7.1
EPSS Score
0.002
Published
2024-03-21
CVE-2024-27963
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crisp allows Stored XSS.This issue affects Crisp: from n/a through 0.44.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-03-21
CVE-2022-44595
Improper Authentication vulnerability in Melapress WP 2FA allows Authentication Bypass.This issue affects WP 2FA: from n/a through 2.2.0.
CVSS Score
5.3
EPSS Score
0.002
Published
2024-03-21
CVE-2023-49837
Uncontrolled Resource Consumption vulnerability in David Artiss Code Embed.This issue affects Code Embed: from n/a through 2.3.6.
CVSS Score
6.5
EPSS Score
0.003
Published
2024-03-21
CVE-2024-27995
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup allows Stored XSS.This issue affects ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup: from n/a through 4.0.23.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-03-21
CVE-2024-29243
Shenzhen Libituo Technology Co., Ltd LBT-T300-mini v1.2.9 was discovered to contain a buffer overflow via the vpn_client_ip parameter at /apply.cgi.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-03-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved