CVEs from 2024
Total
6,633
critical
critical 166
high
high 1,073
medium
medium 2,066
low
low 49
% Critical
2.5%
% with KEV
2.5%
% with exploit
3.4%
Top products
- surveillance_station 12
- checkmk 10
- profilegrid 8
- office 8
- office_long_term_servicing_channel 6
- propertyhive 5
- glibc 5
- element_pack 5
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-1708 | high | 8.4 | 10.0 | 2y ago | ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical systems. | |||
| CVE-2024-4367 | high | 8.8 | 9.8 | 2y ago | A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thu… | |||
| CVE-2024-53197 | high | — | 9.5 | 1y ago | Linux Kernel contains an out-of-bounds access vulnerability in the USB-audio driver that allows an attacker with physical access to the system to use a malicious USB device to potentially manipulate … | |||
| CVE-2024-53104 | high | — | 9.5 | 1y ago | Linux kernel contains an out-of-bounds write vulnerability in the uvc_parse_streaming component of the USB Video Class (UVC) driver that could allow for physical escalation of privilege. | |||
| CVE-2024-44309 | high | — | 9.5 | 2y ago | Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to a cross-site scripting (XSS) attack. | |||
| CVE-2024-9680 | high | — | 9.5 | 2y ago | Mozilla Firefox and Firefox ESR contain a use-after-free vulnerability in Animation timelines that allows for code execution in the content process. | |||
| CVE-2024-36971 | high | — | 9.5 | 2y ago | Android contains an unspecified vulnerability in the kernel that allows for remote code execution. This vulnerability resides in Linux Kernel and could impact other products, including but not limite… | |||
| CVE-2024-38475 | high | — | 9.5 | 2y ago | Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not in… | |||
| CVE-2024-1086 | high | — | 9.5 | 2y ago | Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation. | |||
| CVE-2024-23222 | high | — | 9.5 | 3y ago | Apple iOS, iPadOS, macOS, tvOS, and Safari WebKit contain a type confusion vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact … | |||
| CVE-2024-6387 | high | 8.1 | 9.1 | 2y ago | A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote a… | |||
| CVE-2024-47176 | high | — | 9.0 | 2y ago | RHSA-2024:7463: cups-filters security update (Important) | |||
| CVE-2024-47076 | high | — | 9.0 | 2y ago | RHSA-2024:7463: cups-filters security update (Important) | |||
| CVE-2024-21182 | high | 7.5 | 9.0 | 2y ago | Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vu… | |||
| CVE-2024-21626 | high | — | 9.0 | 2y ago | Important: container-tools:4.0 security update | |||
| CVE-2024-51348 | high | 8.8 | 8.8 | 2mo ago | A stack-based buffer overflow vulnerability in the P2P API service in BS Producten Petcam with firmware 33.1.0.0818 allows unauthenticated attackers within network range to overwrite the instruction … | |||
| CVE-2024-12913 | high | 8.8 | 8.8 | 9mo ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Megatek Communication System Azora Wireless Network Management allows SQL Injection. This issue … | |||
| CVE-2024-11142 | high | 8.8 | 8.8 | 1y ago | Cross-Site Request Forgery (CSRF) vulnerability in Gosoft Software Proticaret E-Commerce allows Cross Site Request Forgery. This issue affects Proticaret E-Commerce: before v6.0 NOTE: According t… | |||
| CVE-2024-12918 | high | 8.8 | 8.8 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agito Computer Health4All allows SQL Injection. This issue affects Health4All: before 10.01.2025. | |||
| CVE-2024-12916 | high | 8.8 | 8.8 | 1y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Agito Computer Life4All allows SQL Injection. This issue affects Life4All: before 10.01.2025. | |||
| CVE-2024-37469 | high | 8.8 | 8.8 | 1y ago | Cross-Site Request Forgery (CSRF) vulnerability in creativethemeshq Blocksy blocksy allows Cross Site Request Forgery.This issue affects Blocksy: from n/a through <= 2.0.22. | |||
| CVE-2024-49627 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Noor Alam WordPress Image SEO allows Cross Site Request Forgery.This issue affects WordPress Image SEO: from n/a through 1.1.4. | |||
| CVE-2024-49290 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Gora Tech LLC Cooked Pro allows Cross Site Request Forgery.This issue affects Cooked Pro: from n/a before 1.8.0. | |||
| CVE-2024-49219 | high | 8.8 | 8.8 | 2y ago | Incorrect Privilege Assignment vulnerability in themexpo RS-Members rs-members allows Privilege Escalation.This issue affects RS-Members: from n/a through <= 1.0.3. | |||
| CVE-2024-49226 | high | 8.8 | 8.8 | 2y ago | Deserialization of Untrusted Data vulnerability in taketin TAKETIN To WP Membership taketin-to-wp-membership allows Object Injection.This issue affects TAKETIN To WP Membership: from n/a through <= 2… | |||
| CVE-2024-5958 | high | 8.8 | 8.8 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eliz Software Panel allows Command Line Execution through SQL Injection. This issue affects Pane… | |||
| CVE-2024-8164 | high | 8.8 | 8.8 | 2y ago | A vulnerability was determined in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. This affects the function rename of the file /Admin/Http/Controllers/FileManagerController.php. This mani… | |||
| CVE-2024-34444 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a before 6.7.0. | |||
| CVE-2024-30103 | high | 8.8 | 8.8 | 2y ago | Microsoft Outlook Remote Code Execution Vulnerability | |||
| CVE-2024-31261 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in Aakash Chakravarthy Announcer – Notification & message bars.This issue affects Announcer – Notification & message bars: from n/a through 6.0. | |||
| CVE-2024-35955 | high | 8.8 | 8.8 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix possible use-after-free issue on kprobe registration When unloading a module, its state is changing MODULE_STATE_LIV… | |||
| CVE-2024-27955 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in WP Automatic Automatic allows Privilege Escalation.This issue affects Automatic: from n/a through 3.92.0. | |||
| CVE-2024-31113 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.11. | |||
| CVE-2024-33912 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in Academy LMS.This issue affects Academy LMS: from n/a through 1.9.16. | |||
| CVE-2024-33921 | high | 8.8 | 8.8 | 2y ago | Broken Access Control vulnerability in ReviewX.This issue affects ReviewX: from n/a through 1.6.21. | |||
| CVE-2024-33595 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in Jewel Theme Master Addons for Elementor.This issue affects Master Addons for Elementor: from n/a through 2.0.5.4.1. | |||
| CVE-2024-33688 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Teluro.This issue affects Teluro: from n/a through 1.0.31. | |||
| CVE-2024-33651 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Matthew Fries MF Gig Calendar.This issue affects MF Gig Calendar : from n/a through 1.2.1. | |||
| CVE-2024-25917 | high | 8.8 | 8.8 | 2y ago | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodeRevolution WP Setup Wizard.This issue affects WP Setup Wizard: from n/a through 1.0.8.1. | |||
| CVE-2024-32794 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Paid Memberships Pro.This issue affects Paid Memberships Pro: from n/a through 2.12.10. | |||
| CVE-2024-32793 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Paid Memberships Pro.This issue affects Paid Memberships Pro: from n/a through 2.12.10. | |||
| CVE-2024-32808 | high | 8.8 | 8.8 | 2y ago | Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9. | |||
| CVE-2024-32772 | high | 8.8 | 8.8 | 2y ago | Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9. | |||
| CVE-2024-32682 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.2. | |||
| CVE-2024-32681 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.2. | |||
| CVE-2024-32603 | high | 8.8 | 8.8 | 2y ago | Deserialization of Untrusted Data vulnerability in ThemeKraft WooBuddy.This issue affects WooBuddy: from n/a through 3.4.20. | |||
| CVE-2024-31378 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailChimp Forms by MailMunch.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.1. | |||
| CVE-2024-31429 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Blossom Themes Sarada Lite.This issue affects Sarada Lite: from n/a through 1.1.2. | |||
| CVE-2024-32443 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in IP2Location Download IP2Location Country Blocker.This issue affects Download IP2Location Country Blocker: from n/a through 2.34.2. | |||
| CVE-2024-32442 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.7. | |||
| CVE-2024-32441 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.7. | |||
| CVE-2024-32440 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Thomas Belser Asgaros Forum.This issue affects Asgaros Forum: from n/a through 2.8.0. | |||
| CVE-2024-32439 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in SwitchWP WP Client Reports.This issue affects WP Client Reports: from n/a through 1.0.22. | |||
| CVE-2024-32438 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in cleverplugins.Com SEO Booster.This issue affects SEO Booster: from n/a through 3.8.9. | |||
| CVE-2024-32139 | high | 8.8 | 8.8 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a through … | |||
| CVE-2024-32127 | high | 8.8 | 8.8 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Markus Seyer Find Duplicates.This issue affects Find Duplicates: from n/a through 1.4.6. | |||
| CVE-2024-32125 | high | 8.8 | 8.8 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Booking Algorithms BA Book Everything.This issue affects BA Book Everything: from n/a through 1.6… | |||
| CVE-2024-31363 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in LifterLMS.This issue affects LifterLMS: from n/a through 7.5.0. | |||
| CVE-2024-31362 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8. | |||
| CVE-2024-31301 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple Page Generator Plugin – MPG.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0. | |||
| CVE-2024-31293 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.6. | |||
| CVE-2024-31269 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps.This issue affects Easy Google Maps: from n/a through 1.11.11. | |||
| CVE-2024-31268 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in AppPresser Team AppPresser.This issue affects AppPresser: from n/a through 4.3.0. | |||
| CVE-2024-31238 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Zaytech Smart Online Order for Clover.This issue affects Smart Online Order for Clover: from n/a through 1.5.5. | |||
| CVE-2024-32106 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in WP Compress WP Compress – Image Optimizer [All-In-One].This issue affects WP Compress – Image Optimizer [All-In-One]: from n/a through 6.10.35. | |||
| CVE-2024-31932 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in CreativeThemes Blocksy Companion.This issue affects Blocksy Companion: from n/a through 2.0.28. | |||
| CVE-2024-27985 | high | 8.8 | 8.8 | 2y ago | Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive: from n/a through 2.0.9. | |||
| CVE-2024-27967 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Michael Leithold DSGVO All in one for WP.This issue affects DSGVO All in one for WP: from n/a through 4.3. | |||
| CVE-2024-31430 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional, realmag777 BEAR – Bulk Editor and Products Manager Professional for WooComme… | |||
| CVE-2024-31280 | high | 8.8 | 8.8 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.5. | |||
| CVE-2024-25918 | high | 8.8 | 8.8 | 2y ago | Improper Control of Generation of Code ('Code Injection') vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.8. | |||
| CVE-2024-30462 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in realmag777 HUSKY – Products Filter for WooCommerce (formerly WOOF).This issue affects HUSKY – Products Filter for WooCommerce (formerly WOOF): from … | |||
| CVE-2024-30454 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in VeronaLabs WP SMS.This issue affects WP SMS: from n/a through 6.6.2. | |||
| CVE-2024-30482 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Brice CAPOBIANCO Simple Revisions Delete.This issue affects Simple Revisions Delete: from n/a through 1.5.3. | |||
| CVE-2024-30500 | high | 8.8 | 8.8 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in CubeWP CubeWP – All-in-One Dynamic Content Framework.This issue affects CubeWP – All-in-One Dynamic Content Framework: from n/a throug… | |||
| CVE-2024-30499 | high | 8.8 | 8.8 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks CRM Perks Forms.This issue affects CRM Perks Forms: from n/a through 1.1.4. | |||
| CVE-2024-30497 | high | 8.8 | 8.8 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs.This issue affe… | |||
| CVE-2024-30496 | high | 8.8 | 8.8 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BdThemes Element Pack Elementor Addons.This issue affects Element Pack Elementor Addons: from n/a… | |||
| CVE-2024-30491 | high | 8.8 | 8.8 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8. | |||
| CVE-2024-30486 | high | 8.8 | 8.8 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Max Foundry Media Library Folders.This issue affects Media Library Folders: from n/a through 8.1.… | |||
| CVE-2024-30458 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOOCS – WooCommerce Currency Switcher.This issue affects WOOCS – WooCommerce Currency Switcher: from n/a through 1.4.1.7. | |||
| CVE-2024-30457 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF).This issue affects WordPress Meta Data and Taxonomies Filter (MDTF): from n/a through 1.… | |||
| CVE-2024-30456 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WPCS.This issue affects WPCS: from n/a through 1.2.0.1. | |||
| CVE-2024-30241 | high | 8.8 | 8.8 | 2y ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.1. | |||
| CVE-2024-30230 | high | 8.8 | 8.8 | 2y ago | Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For WooCommerce.This issue affects PDF Invoices and Packing Slips For WooCommerce: from n/a through 1.3.7. | |||
| CVE-2024-30222 | high | 8.8 | 8.8 | 2y ago | Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26. | |||
| CVE-2024-3013 | high | 8.8 | 8.8 | 2y ago | A flaw has been found in Teledyne FLIR AX8 up to 1.46.16. The impacted element is an unknown function of the file /tools/test_login.php?action=register of the component User Registration. Executing m… | |||
| CVE-2024-23510 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Martyn Chamberlin Don't Muck My Markup.This issue affects Don't Muck My Markup: from n/a through 1.8. | |||
| CVE-2024-30235 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in Themeisle Multiple Page Generator Plugin – MPG.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0. | |||
| CVE-2024-30234 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in Wholesale Team WholesaleX.This issue affects WholesaleX: from n/a through 1.3.1. | |||
| CVE-2024-24799 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.2.2. | |||
| CVE-2024-2904 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Calliope.This issue affects Calliope: from n/a through 1.0.33. | |||
| CVE-2024-27964 | high | 8.8 | 8.8 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.9. | |||
| CVE-2024-27190 | high | 8.8 | 8.8 | 2y ago | Missing Authorization vulnerability in Jean-David Daviet Download Media.This issue affects Download Media: from n/a through 1.4.2. | |||
| CVE-2024-2721 | high | 8.8 | 8.8 | 2y ago | Deserialization of Untrusted Data vulnerability in Social Media Share Buttons By Sygnoos Social Media Share Buttons.This issue affects Social Media Share Buttons: from n/a through 2.1.0. | |||
| CVE-2024-29135 | high | 8.8 | 8.8 | 2y ago | Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.15. | |||
| CVE-2024-25931 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Heureka Group Heureka.This issue affects Heureka: from n/a through 1.0.8. | |||
| CVE-2024-25930 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Nuggethon Custom Order Statuses for WooCommerce.This issue affects Custom Order Statuses for WooCommerce: from n/a through 1.5.2. | |||
| CVE-2024-24701 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in Native Grid LLC A no-code page builder for beautiful performance-based content.This issue affects A no-code page builder for beautiful performance-b… | |||
| CVE-2024-27948 | high | 8.8 | 8.8 | 2y ago | Cross-Site Request Forgery (CSRF) vulnerability in bytesforall Atahualpa.This issue affects Atahualpa: from n/a through 3.7.24. |