New
CVE-2024-6546
One Click Close Comments <= 2.7.1 - Unauthenticated Full Path Disclosure: The One Click Close Comments plugin for WordPress is vulnerable to Full Path D...
CVE-2024-6634
Master Currency WP <= 1.1.61 - Authenticated (Contributor+) Stored Cross-Site Scripting via Currency Converter Form Shortcode: The Master Currency WP pl...
CVE-2024-6661
ParityPress <= 1.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting: The ParityPress – Parity Pricing with Discount Rules plugin for WordP...
CVE-2024-6566
Aramex Shipping WooCommerce <= 1.1.21 - Unauthenticated Full Path Disclosure: The Aramex Shipping WooCommerce plugin for WordPress is vulnerable to Full...
CVE-2024-6549
Admin Post Navigation <= 2.1 - Unauthenticated Full Path Disclosure: The Admin Post Navigation plugin for WordPress is vulnerable to Full Path Disclosur...
Updated
CVE-2024-42029
xdg-desktop-portal-hyprland (aka an XDG Desktop Portal backend for Hyprland) before 1.3.3 allows OS command execution, e.g., because single quotes are n...
CVE-2024-6546
One Click Close Comments <= 2.7.1 - Unauthenticated Full Path Disclosure: The One Click Close Comments plugin for WordPress is vulnerable to Full Path D...
CVE-2024-6634
Master Currency WP <= 1.1.61 - Authenticated (Contributor+) Stored Cross-Site Scripting via Currency Converter Form Shortcode: The Master Currency WP pl...
CVE-2024-6661
ParityPress <= 1.0.0 - Authenticated (Administrator+) Stored Cross-Site Scripting: The ParityPress – Parity Pricing with Discount Rules plugin for WordP...
CVE-2024-6566
Aramex Shipping WooCommerce <= 1.1.21 - Unauthenticated Full Path Disclosure: The Aramex Shipping WooCommerce plugin for WordPress is vulnerable to Full...