Vuldb Updates

A vulnerability classified as problematic has been found in bchristopeit WoW Guild Armory Roster Plugin up to 0.5.5 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-51850. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in giovanebribeiro WP PagSeguro Payments Plugin up to 1.0 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-51847. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Digital Zoom Studio Parallaxer Plugin up to 1.00 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-51848. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Hola Networks Hola Free Video Player Plugin up to 1.3.9 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-51854. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in Productineer Redirecter Plugin up to 1.0 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-51855. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Alberuni Azad Faltu Testimonial Rotator Plugin up to 1.0.0 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-51853. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Marco Piarulli My Restaurant Menu Plugin up to 0.2.0 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-51849. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Skip To Plugin up to 2.0.0 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2024-51652. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in IvyCat Web Services Simple Page Specific Sidebars Plugin up to 2.14.1 on WordPress. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-51633. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Syed Umair Hussain Shah World Prayer Time Plugin up to 2.0 on WordPress. Affected is an unknown function. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-50534. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as problematic has been found in maxfoundry Media Library Folders Plugin up to 8.3.0 on WordPress. Affected is an unknown function of the component Setting Handler. The manipulation leads to missing authorization. This vulnerability is traded as CVE-2025-0935. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in WP Sharks s2Member Pro Plugin up to 241216 on WordPress and classified as critical. This issue affects some unknown processing. The manipulation of the argument s2member_pro_remote_op leads to deserialization. The identification of this vulnerability is CVE-2024-12562. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in techlabpro1 Team Plugin up to 4.4.9 on WordPress. It has been classified as problematic. Affected is the function response of the component Setting Handler. The manipulation leads to missing authorization. This vulnerability is traded as CVE-2024-13439. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in wedevs WP Project Manager Plugin up to 2.6.17 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /pm/v2/settings/notice of the component Setting Handler. The manipulation leads to missing authorization. This vulnerability is known as CVE-2024-13752. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in wedevs WP Project Manager Plugin up to 2.6.17 on WordPress. This affects an unknown part. The manipulation of the argument orderby leads to sql injection. This vulnerability is uniquely identified as CVE-2024-13500. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in xpeedstudio ElementsKit Elementor Addons Plugin up to 3.4.0 on WordPress. This vulnerability affects unknown code of the component Image Accordion Widget. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-1005. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in designinvento DirectoryPress Frontend Plugin up to 2.7.9 on WordPress. This issue affects the function dpfl_listingStatusChange. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-10581. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in bitpressadmin Chat Widget Plugin up to 1.5.2 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument fileID leads to relative path traversal. This vulnerability is handled as CVE-2025-0822. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in cyberchimps Responsive Plus Plugin up to 3.1.4 on WordPress. Affected by this vulnerability is the function remote_request of the component Setting Handler. The manipulation leads to server-side request forgery. This vulnerability is known as CVE-2024-13834. The attack can be launched remotely. There is no exploit available.

A vulnerability was suspected in Linux Kernel up to 6.6.35/6.9.6. Further investigation has shown that this issues is a false-positive. Please review the sources mentioned and consider not using this entry at all.