Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2024
CVE-2024-39657
Cross-Site Request Forgery (CSRF) vulnerability in Sender Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce.This issue affects Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce: from n/a through 2.6.18.
CVSS Score
4.3
EPSS Score
0.0
Published
2024-08-26
CVE-2024-43116
Cross-Site Request Forgery (CSRF) vulnerability in 10up Simple Local Avatars.This issue affects Simple Local Avatars: from n/a through 2.7.10.
CVSS Score
4.3
EPSS Score
0.0
Published
2024-08-26
CVE-2024-43117
Cross-Site Request Forgery (CSRF) vulnerability in WPMU DEV Hummingbird.This issue affects Hummingbird: from n/a through 3.9.1.
CVSS Score
4.3
EPSS Score
0.0
Published
2024-08-26
CVE-2024-43214
Missing Authorization vulnerability in myCred.This issue affects myCred: from n/a through 2.7.2.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-08-26
CVE-2024-43230
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Shared Files – File Upload Form Shared Files.This issue affects Shared Files: from n/a through 1.7.28.
CVSS Score
5.3
EPSS Score
0.004
Published
2024-08-26
CVE-2024-39628
Cross-Site Request Forgery (CSRF) vulnerability in Saturday Drive Ninja Forms allows Cross Site Request Forgery.This issue affects Ninja Forms: from n/a through 3.8.6.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-08-26
CVE-2024-39641
Cross-Site Request Forgery (CSRF) vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n/a through 4.2.6.8.2.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-08-26
CVE-2024-39645
Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-08-26
CVE-2024-44793
A cross-site scripting (XSS) vulnerability in the component /managers/multiple_freeleech.php of Gazelle commit 63b3370 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the torrents parameter.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-08-26
CVE-2024-44794
A cross-site scripting (XSS) vulnerability in the component /master/auth/OnedriveRedirect.php of PicUploader commit fcf82ea allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the error_description parameter.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-08-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved