| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-11215 | Path traversal vulnerability in EasyPHP | EasyPHP | EasyPHP web server | Medium | 6.5 | 2024-11-14 13:37:05 | Deep Dive |
| CVE-2024-47916 | Boa web server - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | Boa web server | Boa web server 0.94.14rc21 | High | 7.5 | 2024-11-14 10:00:23 | Deep Dive |
| CVE-2024-51750 | Element allows a malicious homeserver can modify events leading to unrenderable events or rooms | element-hq | element-web | Medium | 5.0 | 2024-11-12 16:34:28 | Deep Dive |
| CVE-2024-51749 | Element's thumbnails can be abused to misrepresent the content of an attachment | element-hq | element-web | Low | 3.5 | 2024-11-12 16:34:22 | Deep Dive |
| CVE-2024-47590 | Cross-Site Scripting (XSS) vulnerability in SAP Web Dispatcher | SAP_SE | SAP Web Dispatcher | High | 8.8 | 2024-11-12 00:26:19 | Deep Dive |
| CVE-2024-52351 | WordPress BU Slideshow plugin <= 2.3.10 - Cross Site Scripting (XSS) vulnerability | BU Web Team | BU Slideshow | Medium | 6.5 | 2024-11-11 06:41:57 | Deep Dive |
| CVE-2024-52354 | WordPress Web Stories Widgets For Elementor plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability | Cool Plugins | Web Stories Widgets For Elementor | Medium | 6.5 | 2024-11-11 06:13:20 | Deep Dive |
| CVE-2024-20504 | Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Stored Cross-Site Scripting Vulnerabilities | Cisco | Cisco Secure Email | Medium | 5.4 | 2024-11-06 16:29:38 | Deep Dive |
| CVE-2024-10842 | romadebrian WEB-Sekolah Backend Proses_Edit_Akun.php cross site scripting | romadebrian | WEB-Sekolah | Low | 2.4 | 2024-11-05 14:00:09 | Deep Dive |
| CVE-2024-10841 | romadebrian WEB-Sekolah Mail Proses_Kirim.php sql injection | romadebrian | WEB-Sekolah | Medium | 5.5 | 2024-11-05 14:00:08 | Deep Dive |
| CVE-2024-10840 | romadebrian WEB-Sekolah Backend akun_edit.php cross site scripting | romadebrian | WEB-Sekolah | Low | 2.4 | 2024-11-05 13:00:06 | Deep Dive |
| CVE-2024-38745 | WordPress Wholesale Suite plugin <= 2.1.12 - Broken Access Control vulnerability | Rymera Web Co | Wholesale Suite | Medium | 5.3 | 2024-11-01 14:18:00 | Deep Dive |
| CVE-2024-43343 | WordPress Order Tracking – WordPress Status Tracking Plugin plugin < 3.3.13 - Broken Access Control vulnerability | Etoile Web Design | Order Tracking | Medium | 4.3 | 2024-11-01 14:17:23 | Deep Dive |
| CVE-2024-47939 | Ricoh MFP 安全漏洞 | Ricoh Company, Ltd. | Multiple laser printers and MFPs which implement Web Image Monitor | 中危 | - | 2024-11-01 04:29:04 | Deep Dive |
| CVE-2024-49665 | WordPress Web Bricks Addons for Elementor plugin <= 1.1.1 - Stored Cross Site Scripting (XSS) vulnerability | Web Bricks | Web Bricks Addons for Elementor | Medium | 6.5 | 2024-10-29 11:20:19 | Deep Dive |
| CVE-2024-10433 | Project Worlds Simple Web-Based Chat Application index.php cross site scripting | Project Worlds | Simple Web-Based Chat Application | Low | 3.5 | 2024-10-28 00:00:09 | Deep Dive |
| CVE-2024-10432 | Project Worlds Simple Web-Based Chat Application index.php sql injection | Project Worlds | Simple Web-Based Chat Application | High | 7.3 | 2024-10-27 23:31:04 | Deep Dive |
| CVE-2024-49334 | WordPress jLayer Parallax Slider plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability | Unizoe Web Solutions | jLayer Parallax Slider | High | 7.1 | 2024-10-20 07:52:29 | Deep Dive |
| CVE-2024-9184 | SendPulse Free Web Push <= 1.3.6 - Unauthenticated Stored Cross-Site Scripting | sendpulse | SendPulse Free Web Push | High | 7.2 | 2024-10-17 09:32:18 | Deep Dive |
| CVE-2024-8920 | Fonto – Custom Web Fonts Manager <= 1.2.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload | vladolaru | Fonto – Custom Web Fonts Manager | Medium | 6.4 | 2024-10-17 09:32:17 | Deep Dive |