Azienda Sicura

Lista CVE 2024/56xxx

CVE-2024-56001 (WordPress K Elements plugin < 5.4.0 - Unauthenticated Account Takeover vulnerability)

CVE-2024-56002 (WordPress Ksher plugin <= 1.1.1 - Broken Access Control vulnerability)

CVE-2024-56003 (WordPress Contact Form, Survey & Form Builder – MightyForms plugin <= 1.3.9 - Broken Access Control vulnerability)

CVE-2024-56004 (WordPress Caldera SMTP Mailer plugin <= 1.0.1 - Broken Access Control vulnerability)

CVE-2024-56005 (WordPress Easy Site Importer plugin <= 1.0.1 - Settings Change vulnerability)

CVE-2024-56007 (WordPress Posti Shipping Plugin <= 3.10.3 - CSRF to Settings Change vulnerability)

CVE-2024-56008 (WordPress Leader plugin <= 2.6.1 - Broken Access Control vulnerability)

CVE-2024-56009 (WordPress Spreadr Woocommerce plugin <= 1.0.4 - Arbitrary Content Deletion vulnerability)

CVE-2024-56010 (WordPress Spreadr Woocommerce plugin <= 1.0.4 - Broken Access Control vulnerability)

CVE-2024-56011 (WordPress Device Detector Plugin <= 4.2.0 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2024-56012 (WordPress Responsive Google Maps | by imbaa plugin <= 1.2.5 - Stored Cross Site Scripting (XSS) vulnerability)

CVE-2024-56013 (WordPress Post Title (TypeWriter) and Flash News / Post (Responsive) plugins <= 4.1 - CSRF to Privilege Escalation vulnerability)

CVE-2024-56014 (WordPress Wovax IDX plugin <= 1.2.2 - Account Takeover vulnerability)

CVE-2024-56015 (WordPress Olivia Theme <= 0.9.5 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2024-56016 (WordPress Tidy Up Plugin <= 1.3 - CSRF to Reflected Cross-Site Scripting vulnerability)

CVE-2024-56017 (WordPress Image Mapper plugin <= 0.2.5.3 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2024-56018 (WordPress Stop Registration Spam Plugin <= 1.23 - CSRF to Stored XSS vulnerability)

CVE-2024-56019 (WordPress BU Section Editing Plugin <= 0.9.9 - Reflected Cross Site Scripting (XSS) vulnerability)

CVE-2024-56020 (WordPress Inline Footnotes Plugin <= 2.3.0 - Cross Site Scripting (XSS) vulnerability)