CVE Vulnerabilities
drmunozcl
2025-06-04T18:44:58-04:00
Below is the list of the latest vulnerabilities published by NIST:
| CVE ID | Published | Severity | CVSS | Description |
| --- | --- | --- | --- | --- |
| CVE-2024-13621 | 2025-05-15 | MEDIUM | 4.8 | The GDPR Framework By Data443 WordPress plugin before 2.2.0 does not sanitise and escape some of its settings, which could… |
| CVE-2024-13619 | 2025-05-15 | MEDIUM | 6.1 | The LifterLMS WordPress plugin before 8.0.1 does not sanitise and escape a parameter before outputting it back in the page,… |
| CVE-2024-13616 | 2025-05-15 | MEDIUM | 4.8 | The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.7.2 does not sanitise and escape some of its settings,… |
| CVE-2024-13384 | 2025-05-15 | MEDIUM | 4.8 | The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.24 does not sanitise and escape some of… |
| CVE-2024-13383 | 2025-05-15 | MEDIUM | 4.8 | The HD Quiz WordPress plugin before 2.0.0 does not sanitise and escape some of its settings, which could allow high… |
| CVE-2024-13357 | 2025-05-15 | MEDIUM | 4.8 | The Ditty WordPress plugin before 3.1.52 does not sanitise and escape some of its settings, which could allow high privilege… |
| CVE-2024-13313 | 2025-05-15 | MEDIUM | 4.8 | The AWeber WordPress plugin through 7.3.20 does not sanitise and escape some of its settings, which could allow high privilege… |
| CVE-2024-13053 | 2025-05-15 | MEDIUM | 4.8 | The Form Maker by 10Web WordPress plugin before 1.15.33 does not sanitise and escape some of its settings, which could… |
| CVE-2024-12874 | 2025-05-15 | MEDIUM | 4.8 | The Top Comments WordPress plugin through 1.0 does not sanitise and escape some of its settings, which could allow high… |
| CVE-2024-12812 | 2025-05-15 | HIGH | 7.5 | The WP ERP \| Complete HR solution with recruitment & job listings \| WooCommerce CRM & Accounting WordPress plugin before… |
| CVE-2024-12808 | 2025-05-15 | MEDIUM | 4.8 | The WP ERP \| Complete HR solution with recruitment & job listings \| WooCommerce CRM & Accounting WordPress plugin before… |
| CVE-2024-12800 | 2025-05-15 | MEDIUM | 4.8 | The IP Based Login WordPress plugin before 2.4.1 does not sanitise values when importing, which could allow high privilege users… |
| CVE-2024-12770 | 2025-05-15 | MEDIUM | 4.8 | The WP ULike WordPress plugin before 4.7.6 does not sanitise and escape some of its settings, which could allow high… |
| CVE-2024-12750 | 2025-05-15 | MEDIUM | 4.3 | The Competition Form WordPress plugin through 2.0 does not have CSRF check in place when updating its settings, which could… |
| CVE-2024-12743 | 2025-05-15 | MEDIUM | 4.8 | The MailPoet WordPress plugin before 5.5.2 does not sanitise and escape some of its settings, which could allow high privilege… |
| CVE-2024-12739 | 2025-05-15 | MEDIUM | 4.8 | The Mobile Contact Bar WordPress plugin before 3.0.5 does not sanitise and escape some of its settings, which could allow… |
| CVE-2024-12726 | 2025-05-15 | MEDIUM | 6.1 | The ClipArt WordPress plugin through 0.2 does not sanitise and escape a parameter before outputting it back in the page,… |
| CVE-2024-12725 | 2025-05-15 | MEDIUM | 6.1 | The Clasify Classified Listing WordPress plugin through 1.0.7 does not sanitise and escape a parameter before outputting it back in… |
| CVE-2024-12724 | 2025-05-15 | MEDIUM | 6.1 | The WP DeskLite WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the… |
| CVE-2024-12722 | 2025-05-15 | MEDIUM | 5.4 | The Twitter Bootstrap Collapse aka Accordian Shortcode WordPress plugin through 1.0 does not validate and escape some of its shortcode… |
| CVE-2024-12716 | 2025-05-15 | MEDIUM | 4.8 | The Simple Basic Contact Form WordPress plugin before 20250114 does not sanitise and escape some of its settings, which could… |
| CVE-2024-12301 | 2025-05-15 | MEDIUM | 6.5 | The JSP Store Locator WordPress plugin through 1.0 does not have CSRF checks in some places, which could allow attackers… |
| CVE-2024-12282 | 2025-05-15 | MEDIUM | 6.1 | The WordPress连接微博 WordPress plugin through 2.5.6 does not have CSRF check in some places, and is missing sanitisation as well… |
| CVE-2024-11843 | 2025-05-15 | MEDIUM | 4.8 | The Panorama WordPress plugin through 1.5.1 does not sanitise and escape some of its settings, which could allow high privilege… |
| CVE-2024-11719 | 2025-05-15 | MEDIUM | 6.1 | The tarteaucitron-wp WordPress plugin before 0.3.0 does not have CSRF check in some places, and is missing sanitisation as well… |
| CVE-2024-11718 | 2025-05-15 | MEDIUM | 5.4 | The tarteaucitron-wp WordPress plugin before 0.3.0 allows author level and above users to add HTML into a post/page, which could… |
| CVE-2024-11502 | 2025-05-15 | MEDIUM | 5.4 | The Planning Center Online Giving WordPress plugin through 1.0.0 does not validate and escape some of its shortcode attributes before… |
| CVE-2024-11373 | 2025-05-15 | MEDIUM | 4.3 | The Connexion Logs WordPress plugin through 3.0.2 does not have CSRF check in place when updating its settings, which could… |
| CVE-2024-11372 | 2025-05-15 | HIGH | 7.2 | The Connexion Logs WordPress plugin through 3.0.2 does not sanitize and escape a parameter before using it in a SQL… |
| CVE-2024-11269 | 2025-05-15 | HIGH | 7.2 | The AHAthat Plugin WordPress plugin through 1.6 does not sanitize and escape a parameter before using it in a SQL… |
| CVE-2024-11267 | 2025-05-15 | HIGH | 8.8 | The JSP Store Locator WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a… |
| CVE-2024-11266 | 2025-05-15 | MEDIUM | 4.8 | The Geocache Stat Bar Widget WordPress plugin through 0.911 does not sanitise and escape some of its settings, which could… |
| CVE-2024-11221 | 2025-05-15 | MEDIUM | 4.8 | The Full Screen (Page) Background Image Slideshow WordPress plugin through 1.1 does not sanitise and escape some of its settings,… |
| CVE-2024-11190 | 2025-05-15 | MEDIUM | 4.8 | The jwp-a11y WordPress plugin through 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege… |
| CVE-2024-11189 | 2025-05-15 | MEDIUM | 4.8 | The Social Share And Social Locker WordPress plugin before 1.4.2 does not sanitise and escape some of its settings, which… |
| CVE-2024-11141 | 2025-05-15 | MEDIUM | 6.1 | The Sailthru Triggermail WordPress plugin through 1.1 does not sanitise and escape some of its settings and is missing CSRF… |
| CVE-2024-10818 | 2025-05-15 | MEDIUM | 5.4 | The JSFiddle Shortcode WordPress plugin before 1.1.3 does not validate and escape some of its shortcode attributes before outputting them… |
| CVE-2024-10677 | 2025-05-15 | MEDIUM | 4.3 | The BTEV WordPress plugin through 2.0.2 does not have CSRF check in place when updating its settings, which could allow… |
| CVE-2024-10639 | 2025-05-15 | MEDIUM | 4.8 | The Auto Prune Posts WordPress plugin before 3.0.0 does not sanitise and escape some of its settings, which could allow… |
| CVE-2024-10634 | 2025-05-15 | MEDIUM | 4.3 | The Nokaut Offers Box WordPress plugin through 1.4.0 does not have CSRF check in place when updating its settings, which… |
| CVE-2024-10632 | 2025-05-15 | MEDIUM | 4.8 | The Nokaut Offers Box WordPress plugin through 1.4.0 does not sanitize and escape some of its settings, which could allow… |
| CVE-2024-10475 | 2025-05-15 | MEDIUM | 4.8 | The Responsive Contact Form Builder & Lead Generation Plugin WordPress plugin before 1.9.8 does not sanitise and escape some of… |
| CVE-2024-10362 | 2025-05-15 | MEDIUM | 4.8 | The Social Media Share Buttons & Social Sharing Icons WordPress plugin before 2.9.1 does not sanitize and escape some of… |
| CVE-2022-41848 | 2022-09-30 | MEDIUM | 4.2 | drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes… |
| CVE-2022-41847 | 2022-09-30 | MEDIUM | 5.5 | An issue was discovered in Bento4 1.6.0-639. A memory leak exists in AP4_StdcFileByteStream::Create(AP4_FileByteStream*, char const*, AP4_FileByteStream::Mode, AP4_ByteStream*&) in System/StdC/Ap4StdCFileByteStream.cpp. |
| CVE-2022-41846 | 2022-09-30 | MEDIUM | 5.5 | An issue was discovered in Bento4 1.6.0-639. There is excessive memory consumption in the function AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp. |
| CVE-2022-41845 | 2022-09-30 | MEDIUM | 5.5 | An issue was discovered in Bento4 1.6.0-639. There is excessive memory consumption in the function AP4_Array::EnsureCapacity in Core/Ap4Array.h. |
| CVE-2022-41844 | 2022-09-30 | MEDIUM | 5.5 | An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different… |
| CVE-2022-41843 | 2022-09-30 | MEDIUM | 5.5 | An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928. |
| CVE-2022-41842 | 2022-09-30 | MEDIUM | 5.5 | An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo/gfile.cc. |