Tag: 2025-01-09

7 Attack Reports | 269 Vulnerabilities

Attack reports

RedDelta: Chinese State-Sponsored Group Targets Mongolia, Taiwan, and Southeast Asia with Evolving Cyber Threats

Between July 2023 and December 2024, the Chinese state-sponsored group RedDelta targeted Mongolia, Taiwan, and Southeast Asian countries with an adapted infection chain to distribute its customized PlugX backdoor. The group used themed lure documents and evolved its tactics, transitioning from Wind…
spearphishing
plugx
html
microsoft azure
2025-01-09
cloudflare cdn
shortcut (lnk) file
Published: January 9, 2025
Downloadable IOCs: 259

Banshee: The Stealer That "Stole Code" From MacOS XProtect

A new version of the Banshee macOS stealer, linked to Russian-speaking cybercriminals, has been monitored since September. This version went undetected for over two months, using a string encryption algorithm identical to Apple's XProtect antivirus engine. The malware targets browser credentials, c…
phishing
cryptocurrency
macos
lumma stealer
github
string encryption
banshee
2025-01-09
xprotect
Published: January 9, 2025
Downloadable IOCs: 25

Examining Redtail: Analyzing a Sophisticated Cryptomining Malware and its Advanced Tactics

This analysis focuses on redtail, a cryptocurrency mining malware that stealthily installs itself on compromised systems. The malware utilizes two additional scripts: one to identify the CPU architecture and another to remove existing cryptomining software. Observed attacks originated from IP addre…
cryptomining
redtail
2025-01-09
c3pool_miner
Published: January 9, 2025
Linked vulnerabilities : CVE-2024-3400
Downloadable IOCs: 12

December 2024 Threat Trend Report on Ransomware

This analysis provides statistics on new ransomware samples, targeted systems, and affected companies in November 2024. The number of new samples in December remained consistent with November's figures. The data is based on AhnLab's detection names and information from ransomware groups' Dedicated …
ransomware
2025-01-09
funksec
Published: January 9, 2025
Downloadable IOCs: 0

December 2024 Threat Trend Report on APT Attacks (South Korea)

This intelligence report analyzes Advanced Persistent Threat (APT) attacks targeting South Korea in December 2024. The primary method of attack was spear phishing, with a focus on distributing LNK files. Two main types of attacks were identified: Type A, which uses compressed CAB files containing m…
apt
rat
rokrat
south korea
xenorat
spear-phishing
lnk files
2025-01-09
decoy documents
Published: January 9, 2025
Downloadable IOCs: 3

APT32 Poisoning GitHub, Targeting Chinese Cybersecurity Professionals and Specific Large Enterprises

APT32 (OceanLotus) has launched a sophisticated attack targeting Chinese cybersecurity professionals and specific large enterprises. The group released a Cobalt Strike exploit plugin with a Trojan on GitHub, embedding a malicious .suo file into a Visual Studio project. When compiled, the Trojan exe…
cobalt strike
dll hollowing
2025-01-09
oceanlotus
notion api
Published: January 9, 2025
Downloadable IOCs: 0

Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation

A new zero-day vulnerability, CVE-2025-0282, in Ivanti Connect Secure VPN appliances has been exploited since mid-December 2024. The vulnerability allows unauthenticated remote code execution. Attackers have deployed multiple malware families, including SPAWN, DRYHOOK, and PHASEJAM, to maintain per…
credential theft
ivanti
vpn
2025-01-09
phasejam
dryhook
spawnsloth
spawnant
Published: January 9, 2025
Linked vulnerabilities : CVE-2025-0282 (CVSS 9.0), CVE-2025-0283 (CVSS 7.0), CVE-2024-21887, CVE-2023-46805
Downloadable IOCs: 7
Click here to see more Attack Reports

Vulnerabilities

CVE-2025-22504

10.0
    jumpdemand 4ECPS Web Forms
  • Version(s): n/a, 0.2.18
Published: January 9, 2025

CVE-2024-40762

9.8
    SonicOS SSLVPN
Published: January 9, 2025

CVE-2024-53704

9.8
    SonicWall SSLVPN
Published: January 9, 2025

CVE-2024-40765

9.8
    SonicOS
Published: January 9, 2025

CVE-2024-43661

9.8
    Iocharger firmware for AC models
  • Version(s): before version 24120701
Published: January 9, 2025

CVE-2024-43663

9.8
    Iocharger firmware for AC model chargers
  • Version(s): before 24120701
Published: January 9, 2025

CVE-2024-11642

9.8
    Post Grid Master plugin for WordPress
  • Version(s): up to 3.4.12
Published: January 9, 2025

CVE-2024-13239

9.8
    Two-factor Authentication (TFA)
  • Version(s): 0.0.0 before 1.5.0
Published: January 9, 2025

CVE-2024-13258

9.8
    Drupal
  • Version(s): 0.0.0 before 2.0.13
Published: January 9, 2025

CVE-2024-10215

9.8
    WPBookit plugin for WordPress
  • Version(s): up to 1.6.4
Published: January 9, 2025

CVE-2024-13264

9.8
    Drupal Opigno module
  • Version(s): 0.0.0 before 3.1.2
Published: January 9, 2025

CVE-2024-13279

9.8
    Two-factor Authentication (TFA) on Drupal
  • Version(s): 0.0.0 - 1.8.0
Published: January 9, 2025

CVE-2024-13280

9.8
    Drupal Persistent Login
  • Version(s): 0.0.0 - 1.8.0, 2.0.* - 2.2.2
Published: January 9, 2025

CVE-2024-13285

9.8
    wkhtmltopdf
Published: January 9, 2025

CVE-2024-54724

9.8
    PHPYun
  • Version(s): before 7.0.2
Published: January 9, 2025

CVE-2024-55225

9.8
    Vaultwarden
  • Version(s): before v1.32.5
Published: January 9, 2025

CVE-2023-28354

9.8
    Opsview Monitor Agent
  • Version(s): 6.8
Published: January 9, 2025

CVE-2024-55224

9.6
    Vaultwarden
  • Version(s): before 1.32.5
Published: January 9, 2025

CVE-2025-22540

9.3
    Emailing Subscription
  • Version(s): n/a, 1.4.1
Published: January 9, 2025

CVE-2025-22542

9.3
    Ofek Nakar Virtual Bot
  • Version(s): n/a, 1.0.0
Published: January 9, 2025

CVE-2024-12802

9.1
    SonicWALL SSL-VPN
Published: January 9, 2025

CVE-2025-21628

9.1
    Chatwoot
  • Version(s): before 3.16.0
Published: January 9, 2025

CVE-2024-13241

9.1
    Drupal Open Social
  • Version(s): 0.0.0, before 12.0.5
Published: January 9, 2025

CVE-2024-13242

9.1
    Drupal Swift Mailer
  • Version(s): *.*
Published: January 9, 2025

CVE-2024-13253

9.1
    Drupal Advanced PWA inc Push Notifications
  • Version(s): 0.0.0 before 1.5.0
Published: January 9, 2025

CVE-2024-13277

9.1
    Smart IP Ban
  • Version(s): 7.X-1.0 before 7.X-1.1
Published: January 9, 2025

CVE-2024-13278

9.1
    Drupal Diff
  • Version(s): 0.0.0 before 1.8.0
Published: January 9, 2025

CVE-2024-13281

9.1
    Monster Menus
  • Version(s): 0.0.0 before 9.3.2
Published: January 9, 2025

CVE-2024-46505

9.1
    Infoblox BloxOne
  • Version(s): 2.4
Published: January 9, 2025

CVE-2024-43648

8.8
    Iocharger firmware for AC models
  • Version(s): before version 24120701
Published: January 9, 2025

CVE-2024-43649

8.8
    Iocharger firmware for AC models
  • Version(s): before version 24120701
Published: January 9, 2025

CVE-2024-43652

8.8
    Iocharger firmware for AC model chargers
  • Version(s): before version 24120701
Published: January 9, 2025

CVE-2024-43653

8.8
    Iocharger firmware for AC model chargers
  • Version(s): before version 24120701
Published: January 9, 2025

CVE-2024-43654

8.8
    Iocharger
  • Version(s): before 25010801
Published: January 9, 2025

CVE-2024-43656

8.8
    Iocharger firmware
  • Version(s): before version 24120701
Published: January 9, 2025

CVE-2024-43657

8.8
    Iocharger firmware for AC model chargers
  • Version(s): before version 24120701
Published: January 9, 2025

CVE-2024-12848

8.8
    SKT Page Builder plugin for WordPress
  • Version(s): up to 4.6
Published: January 9, 2025

CVE-2025-0349

8.8
    Tenda AC6
  • Version(s): 15.03.05.16
Published: January 9, 2025

CVE-2024-13244

8.8
    Drupal Migrate Tools
  • Version(s): 0.0.0 before 6.0.3
Published: January 9, 2025

CVE-2024-13250

8.8
    Drupal Symfony Mailer Lite
  • Version(s): 0.0.0 before 1.0.6
Published: January 9, 2025

CVE-2024-13251

8.8
    Drupal Registration role
  • Version(s): 0.0.0 before 2.0.1
Published: January 9, 2025

CVE-2024-13260

8.8
    Drupal Migrate queue importer
  • Version(s): 0.0.0, before 2.1.1
Published: January 9, 2025

CVE-2024-13282

8.8
    Drupal
  • Version(s): 1.0.0 - 1.2.0
Published: January 9, 2025

CVE-2024-13284

8.8
    Gutenberg
  • Version(s): 0.0.0 - 2.13.0, 3.0.0 - 3.0.5
Published: January 9, 2025

CVE-2024-51229

8.8
    LinZhaoguan pb-cms
  • Version(s): 2.0
Published: January 9, 2025

CVE-2025-21385

8.8
    Microsoft
  • Purview
Published: January 9, 2025

CVE-2025-21380

8.8
    Microsoft
  • Azure Marketplace
Published: January 9, 2025

CVE-2024-12542

8.6
    Wordpress linkID plugin
  • Version(s): 0.1.2
Published: January 9, 2025

CVE-2025-22505

8.5
    NC Wishlist for Woocommerce
  • Version(s): n/a, 1.0.1
Published: January 9, 2025

CVE-2025-22535

8.5
    WPListCal
  • Version(s): n/a through 1.3.5
Published: January 9, 2025

CVE-2025-22537

8.5
    Google Maps Travel Route
  • Version(s): n/a, 1.3.1
Published: January 9, 2025

CVE-2023-24010

8.2
    Data Distribution Service (DDS)
Published: January 9, 2025

CVE-2023-24011

8.2
    DDS (Data Distribution Service)
Published: January 9, 2025

CVE-2023-24012

8.2
    Unknown
Published: January 9, 2025

CVE-2024-27980

8.1
    Node.js
Published: January 9, 2025

CVE-2025-22508

8.1
    Roninwp FAT Event Lite
  • Version(s): from n/a through 1.1
Published: January 9, 2025

CVE-2023-1907

8.0
    pgAdmin
Published: January 9, 2025

CVE-2024-54887

8.0
    TP-Link TL-WR940N
  • Version(s): V3, V4 with firmware 3.16.9 and earlier
Published: January 9, 2025

CVE-2024-13206

7.8
    REVE Antivirus
  • Version(s): 1.0.0.0
Published: January 9, 2025

CVE-2024-53706

7.8
    Gen7 SonicOS Cloud platform NSv
Published: January 9, 2025

CVE-2024-46464

7.8
    PRIMX ZED Enterprise
  • Version(s): up to 2024.3
Published: January 9, 2025

CVE-2025-22527

7.6
    Mailing Group Listserv
  • Version(s): n/a - 2.0.9
Published: January 9, 2025

CVE-2024-53705

7.5
    SonicOS
Published: January 9, 2025

CVE-2024-43660

7.5
    Iocharger firmware for AC model chargers
  • Version(s): before version 24120701
Published: January 9, 2025

CVE-2024-12330

7.5
    WP Database Backup - Unlimited Database & Files Backup by Backup for WP plugin
  • Version(s): up to 7.3
Published: January 9, 2025

CVE-2025-21599

7.5
    Juniper Networks Junos OS Evolved
  • Version(s): 22.4-EVO before 22.4R3-S5-EVO, 23.2-EVO before 23.2R2-S2-EVO, 23.4-EVO before 23.4R2-S2-EVO, 24.2-EVO before 24.2R1-S2-EVO, 24.2R2-EVO
Published: January 9, 2025

CVE-2024-13240

7.5
    Drupal Open Social
  • Version(s): 0.0.0 before 12.05
Published: January 9, 2025

CVE-2024-13254

7.5
    Drupal
  • Version(s): 0.0.0 before 3.0.1
Published: January 9, 2025

CVE-2024-13255

7.5
    Drupal RESTful Web Services
  • Version(s): 7.X-2.0 before 7.X-2.10
Published: January 9, 2025

CVE-2024-13256

7.5
    Drupal Email Contact
  • Version(s): 0.0.0 before 2.0.4
Published: January 9, 2025

CVE-2024-13259

7.5
    Drupal Image Sizes
  • Version(s): 0.0.0 before 3.0.2
Published: January 9, 2025

CVE-2025-21598

7.5
    Juniper Networks Junos OS
  • Version(s): 21.2R3-S8 - 21.2R3-S9, 21.4R3-S7 - 21.4R3-S9, 22.2R3-S4 - 22.2R3-S5, 22.3R3-S2 - 22.3R3-S4, 22.4R3 - 22.4R3-S5, 23.2R2 - 23.2R2-S2, 23.4R1 - 23.4R2-S1, 24.2R1 - 24.2R1-S1, 24.2R2
    Junos OS Evolved
  • Version(s): 21.4R3-S7-EVO - 21.4R3-S9-EVO, 22.2R3-S4-EVO - 22.2R3-S5-EVO, 22.3R3-S2-EVO - 22.3R3-S4-EVO, 22.4R3-EVO - 22.4R3-S5-EVO, 23.2R2-EVO - 23.2R2-S2-EVO, 23.4R1-EVO - 23.4R2-S1-EVO, 24.2R1-EVO - 24.2R1-S2-EVO, 24.2R2-EVO
Published: January 9, 2025

CVE-2024-13265

7.5
    Opigno Learning path
  • Version(s): 0.0.0, before 3.1.2
Published: January 9, 2025

CVE-2024-13267

7.5
    Opigno TinCan Question Type
  • Version(s): 7.X-1.0, 7.X-1.3
Published: January 9, 2025

CVE-2024-13276

7.5
    Drupal File Entity
  • Version(s): 7.X-* before 7.X-2.39
Published: January 9, 2025

CVE-2024-56113

7.5
    Smart Toilet Lab - Motius
  • Version(s): 1.3.11
Published: January 9, 2025

CVE-2025-0306

7.4
    Ruby
Published: January 9, 2025

CVE-2024-13200

7.3
    SpringBoot-Blog
  • Version(s): 1.0
Published: January 9, 2025

CVE-2025-0328

7.3
    KaiYuanTong ECT Platform
  • Version(s): up to 2.0.0
Published: January 9, 2025

CVE-2025-0340

7.3
    Cinema Seat Reservation System
  • Version(s): 1.0
Published: January 9, 2025

CVE-2025-0347

7.3
    Admission Management System
  • Version(s): 1.0
Published: January 9, 2025

CVE-2024-13291

7.3
    Drupal
  • Version(s): 7.X-1.0 before 7.X-1.4
Published: January 9, 2025

CVE-2024-13311

7.3
    Drupal
  • Version(s): Unknown
Published: January 9, 2025

CVE-2024-12803

7.2
    SonicOS
Published: January 9, 2025

CVE-2024-12805

7.2
    SonicOS
Published: January 9, 2025

CVE-2024-43659

7.2
    Iocharger AC Model EV chargers
  • Version(s): before firmware version 25010801
Published: January 9, 2025

CVE-2025-22510

7.2
    WC Price History for Omnibus
  • Version(s): n/a, 2.1.4
Published: January 9, 2025

CVE-2025-22295

7.1
    Tripetto WordPress form builder plugin for contact forms, surveys and quizzes
  • Version(s): n/a - 8.0.5
Published: January 9, 2025

CVE-2025-22307

7.1
    Product Table for WooCommerce
  • Version(s): n/a, 3.5.6
Published: January 9, 2025

CVE-2025-22313

7.1
    Widgetize Pages Light
  • Version(s): n/a, 3.0
Published: January 9, 2025

CVE-2025-22330

7.1
    MG Parallax Slider
  • Version(s): n/a, 1.0
Published: January 9, 2025

CVE-2025-22331

7.1
    Cf7Save Extension
  • Version(s): n/a, 1
Published: January 9, 2025

CVE-2025-22345

7.1
    TS Comfort DB
  • Version(s): n/a, 2.0.7
Published: January 9, 2025

CVE-2025-22361

7.1
    Opentracker Analytics
  • Version(s): n/a through 1.3
Published: January 9, 2025

CVE-2025-22521

7.1
    wp Hosting Performance Check
  • Version(s): from n/a through 2.18.8
Published: January 9, 2025

CVE-2025-22539

7.1
    ka2 Custom DataBase Tables
  • Version(s): n/a, 2.1.34
Published: January 9, 2025

CVE-2025-22594

7.1
    Better User Shortcodes
  • Version(s): from n/a through 1.0
Published: January 9, 2025

CVE-2025-22595

7.1
    Mailing Group Listserv
  • Version(s): from n/a, 2.0.9
Published: January 9, 2025

CVE-2025-22814

7.1
    Zephyr Admin Theme
  • Version(s): n/a - 1.4.1
Published: January 9, 2025

CVE-2024-13268

6.8
    Opigno
  • Version(s): 7.X-1.0 before 7.X-1.23
Published: January 9, 2025

CVE-2024-48806

6.8
    Neat Board NFC
  • Version(s): v.1.20240620.0015
Published: January 9, 2025

CVE-2024-13295

6.6
    Drupal Node export
  • Version(s): 7.X-* before 7.X-3.3
Published: January 9, 2025

CVE-2024-13296

6.6
    UNKNOWN
  • Version(s): 0.0.0 before 4.0.1
Published: January 9, 2025

CVE-2024-13297

6.6
    Eloqua
  • Version(s): 7.X-* - 7.X-1.14
Published: January 9, 2025

CVE-2024-13299

6.6
    Drupal Megamenu Framework
  • Version(s): UNKNOWN
Published: January 9, 2025

CVE-2024-13300

6.6
    Drupal Print Anything
Published: January 9, 2025

CVE-2024-12067

6.5
    WP Travel - Ultimate Travel Booking System, Tour Management Engine plugin for WordPress
  • Version(s): up to 10.0.0
Published: January 9, 2025

CVE-2025-22801

6.5
    HasThemes Free WooCommerce Theme 99fy Extension
  • Version(s): n/a through 1.2.8
Published: January 9, 2025

CVE-2025-22802

6.5
    Email Templates Customizer for WordPress - Drag And Drop Email Templates Builder - YeeMail
  • Version(s): n/a - 2.1.4
Published: January 9, 2025

CVE-2025-22803

6.5
    VillaTheme Advanced Product Information for WooCommerce
  • Version(s): n/a, 1.1.4
Published: January 9, 2025

CVE-2025-22804

6.5
    Author Avatars List/Block
  • Version(s): from n/a through 2.1.23
Published: January 9, 2025

CVE-2025-22805

6.5
    ThemePoints Skill Bar
  • Version(s): n/a - 1.2
Published: January 9, 2025

CVE-2025-22806

6.5
    Modernaweb Studio Black Widgets For Elementor
  • Version(s): n/a - 1.3.8
Published: January 9, 2025

CVE-2025-22807

6.5
    Responsive Flickr Slideshow
  • Version(s): n/a, 2.6.0
Published: January 9, 2025

CVE-2025-22808

6.5
    Surbma Surbma | Premium WP
  • Version(s): n/a through 9.0
Published: January 9, 2025

CVE-2025-22809

6.5
    Gravity Master PDF Catalog Woocommerce
  • Version(s): n/a, 2.0
Published: January 9, 2025

CVE-2025-22810

6.5
    Content Blocks Builder
  • Version(s): n/a, 2.7.6
Published: January 9, 2025

CVE-2025-22811

6.5
    MT Addons for Elementor
  • Version(s): from n/a through 1.0.6
Published: January 9, 2025

CVE-2025-22812

6.5
    FlickDevs News Ticker Widget for Elementor
  • Version(s): n/a, 1.3.2
Published: January 9, 2025

CVE-2025-22813

6.5
    ChatBot for WordPress - WPBot Conversational Forms
  • Version(s): n/a - 1.4.2
Published: January 9, 2025

CVE-2025-22815

6.5
    Button Block by bPlugins LLC
  • Version(s): n/a, 1.1.6
Published: January 9, 2025

CVE-2025-22817

6.5
    Venutius BP Profile Shortcodes Extra
  • Version(s): n/a, 2.6.0
Published: January 9, 2025

CVE-2025-22818

6.5
    S3Player - WooCommerce & Elementor Integration
  • Version(s): n/a through 4.2.1
Published: January 9, 2025

CVE-2025-22819

6.5
    Qr Code and Barcode Scanner Reader
  • Version(s): n/a, 1.0.0
Published: January 9, 2025

CVE-2025-22820

6.5
    Daniel Walmsley VR Views
  • Version(s): n/a - 1.5.1
Published: January 9, 2025

CVE-2025-22821

6.5
    StorePress
  • Version(s): from n/a, 1.0.12
Published: January 9, 2025

CVE-2025-22822

6.5
    wp custom countdown
  • Version(s): n/a - 2.8
Published: January 9, 2025

CVE-2025-22823

6.5
    Genesis Style Shortcodes
  • Version(s): n/a, 1.0
Published: January 9, 2025

CVE-2025-22824

6.5
    Lucia Intelisano Live Flight Radar
  • Version(s): n/a, 1.0
Published: January 9, 2025

CVE-2025-22826

6.5
    wpecommerce
  • Version(s): n/a, 2.2.7
    wp.insider Sell Digital Downloads
  • Version(s): n/a, 2.2.7
Published: January 9, 2025

CVE-2025-22827

6.5
    WP Joomag
  • Version(s): n/a, 2.5.2
Published: January 9, 2025

CVE-2025-21593

6.5
    Juniper Networks Junos OS
  • Version(s): All versions before 21.2R3-S9, from 21.4 before 21.4R3-S10, from 22.2 before 22.2R3-S5, from 22.3 before 22.3R3-S4, from 22.4 before 22.4R3-S3, from 23.2 before 23.2R2-S2, from 23.4 before 23.4R2
Published: January 9, 2025

CVE-2025-21600

6.5
    Junos OS
  • Version(s): before 21.4R3-S9, from 22.2 before 22.2R3-S5, from 22.3 before 22.3R3-S4, from 22.4 before 22.4R3-S5, from 23.2 before 23.2R2-S3, from 23.4 before 23.4R2-S3, from 24.2 before 24.2R1-S2, 24.2R2
    Junos OS Evolved
  • Version(s): before 21.4R3-S9-EVO, from 22.2 before 22.2R3-S5-EVO, from 22.3 before 22.3R3-S4-EVO, from 22.4 before 22.4R3-S5-EVO, from 23.2 before 23.2R2-S3-EVO, from 23.4 before 23.4R2-S2-EVO, from 24.2 before 24.2R1-S2-EVO, 24.2R2-EVO
Published: January 9, 2025

CVE-2025-21602

6.5
    Junos OS
  • Version(s): 21.4 before 21.4R3-S9, 22.2 before 22.2R3-S5, 22.3 before 22.3R3-S4, 22.4 before 22.4R3-S5, 23.2 before 23.2R2-S3, 23.4 before 23.4R2-S3, 24.2 before 24.2R1-S2, 24.2R2
    Junos OS Evolved
  • Version(s): 21.4 before 21.4R3-S9-EVO, 22.2 before 22.2R3-S5-EVO, 22.3 before 22.3R3-S4-EVO, 22.4 before 22.4R3-S5-EVO, 23.2 before 23.2R2-S3-EVO, 23.4 before 23.4R2-S3-EVO, 24.2 before 24.2R1-S2-EVO, 24.2R2-EVO
Published: January 9, 2025

CVE-2024-13243

6.5
    Drupal Entity Delete Log
  • Version(s): 0.0.0, 1.1.1
Published: January 9, 2025

CVE-2024-56114

6.5
    Canlineapp Online
  • Version(s): 1.1
Published: January 9, 2025

CVE-2024-13310

6.5
    Drupal Git Utilities
  • Version(s): UNKNOWN
Published: January 9, 2025

CVE-2024-13153

6.4
    Unlimited Elements For Elementor plugin for WordPress
  • Version(s): up to 1.5.135
Published: January 9, 2025

CVE-2024-11907

6.4
    WordPress Skyword API Plugin
  • Version(s): up to 2.5.2
Published: January 9, 2025

CVE-2024-11929

6.4
    Responsive FlipBook Plugin Wordpress plugin
  • Version(s): up to 2.5.0
Published: January 9, 2025

CVE-2024-12491

6.4
    SimplyRETS Real Estate IDX plugin for WordPress
  • Version(s): up to 2.11.2
Published: January 9, 2025

CVE-2024-12493

6.4
    WordPress Files Download Delay plugin
  • Version(s): up to 1.0.9
Published: January 9, 2025

CVE-2024-12496

6.4
    Linear plugin for WordPress
  • Version(s): up to 2.7.12
Published: January 9, 2025

CVE-2024-12514

6.4
    WordPress 3DVieweronline plugin
  • Version(s): up to 2.2.2
Published: January 9, 2025

CVE-2024-12515

6.4
    WordPress Muslim Prayer Time-Salah/Iqamah plugin
  • Version(s): up to 1.8.8
Published: January 9, 2025

CVE-2024-12621

6.4
    Yumpu E-Paper publishing plugin for WordPress
  • Version(s): up to 3.0.8
Published: January 9, 2025

CVE-2024-12819

6.4
    Searchie plugin for WordPress
  • Version(s): up to 1.17.0
Published: January 9, 2025

CVE-2024-6155

6.4
    Greenshift - animation and page builder blocks plugin for WordPress
  • Version(s): up to 9.0.0, 8.9.9, 9.0.1
Published: January 9, 2025

CVE-2024-13194

6.3
    Sucms
  • Version(s): 1.0
Published: January 9, 2025

CVE-2024-13195

6.3
    donglight bookstore电商书城系统说明
  • Version(s): 1.0.0
Published: January 9, 2025

CVE-2023-23913

6.3
    Rails
Published: January 9, 2025

CVE-2024-13211

6.3
    SingMR HouseRent
  • Version(s): 1.0
Published: January 9, 2025

CVE-2024-13212

6.3
    SingMR HouseRent
  • Version(s): 1.0
Published: January 9, 2025

CVE-2025-0333

6.3
    leiyuxi cy-fast
  • Version(s): 1.0
Published: January 9, 2025

CVE-2025-0334

6.3
    leiyuxi cy-fast
  • Version(s): 1.0
Published: January 9, 2025

CVE-2025-0335

6.3
    Online Bike Rental System
  • Version(s): 1.0
Published: January 9, 2025

CVE-2025-0336

6.3
    Codezips Project Management System
  • Version(s): 1.0
Published: January 9, 2025

CVE-2025-0341

6.3
    CampCodes Computer Laboratory Management System
  • Version(s): 1.0
Published: January 9, 2025

CVE-2025-0344

6.3
    leiyuxi cy-fast
  • Version(s): 1.0
Published: January 9, 2025

CVE-2025-0345

6.3
    leiyuxi cy-fast
  • Version(s): 1.0
Published: January 9, 2025

CVE-2024-13272

6.3
    Drupal
  • Version(s): 0.0.0 - 1.23.0, 2.0.0 - 2.0.2
Published: January 9, 2025

CVE-2024-54761

6.3
    BigAnt Office Messenger
  • Version(s): 5.6.06
Published: January 9, 2025

CVE-2024-54762

6.3
    Ruoyi
  • Version(s): 4.7.9 and before
Published: January 9, 2025

CVE-2024-12714

6.1
    Backlink Monitoring Manager WordPress plugin
  • Version(s): 0.1.3
Published: January 9, 2025

CVE-2024-12715

6.1
    Asgard Security Scanner WordPress plugin
  • Version(s): 0.7
Published: January 9, 2025

CVE-2024-12731

6.1
    Aklamator INfeed WordPress plugin
  • Version(s): through 2.0.0
Published: January 9, 2025

CVE-2024-12736

6.1
    BU Section Editing WordPress plugin
  • Version(s): <= 0.9.9
Published: January 9, 2025

CVE-2024-11328

6.1
    CLUEVO LMS, E-Learning Platform plugin for WordPress
  • Version(s): up to 1.13.2
Published: January 9, 2025

CVE-2024-11686

6.1
    WhatsApp 🚀 click to chat plugin for WordPress
  • Version(s): up to 3.0.4
Published: January 9, 2025

CVE-2024-11815

6.1
    Pósturinn's Shipping with WooCommerce plugin for WordPress
  • Version(s): up to 1.3.1
Published: January 9, 2025

CVE-2024-12122

6.1
    ResAds plugin for WordPress
  • Version(s): up to 2.0.6
Published: January 9, 2025

CVE-2024-12218

6.1
    Woocommerce check pincode/zipcode for shipping plugin for WordPress
  • Version(s): up to 2.0.4
Published: January 9, 2025

CVE-2024-12222

6.1
    Deliver via Shipos for WooCommerce plugin for WordPress
  • Version(s): up to 2.1.7
Published: January 9, 2025

CVE-2024-12285

6.1
    WordPress SEMA API plugin
  • Version(s): up to 5.27
Published: January 9, 2025

CVE-2024-12394

6.1
    Action Network plugin for WordPress
  • Version(s): up to 1.4.4
Published: January 9, 2025

CVE-2024-13283

6.1
    Drupal Facets
  • Version(s): 0.0.0 before 2.0.9
Published: January 9, 2025

CVE-2024-55494

6.1
    Opencode Mobile Collect Call
  • Version(s): 5.4.7
Published: January 9, 2025

CVE-2024-13301

6.1
    OAuth & OpenID Connect Single Sign On - SSO (OAuth/OIDC Client)
  • Version(s): 3.0.0 - 3.44.0, 4.0.0 - 4.0.19
Published: January 9, 2025

CVE-2024-56826

5.6
    OpenJPEG
Published: January 9, 2025

CVE-2024-56827

5.6
    OpenJPEG
Published: January 9, 2025

CVE-2023-38037

5.5
    Ruby on Rails
Published: January 9, 2025

CVE-2024-13204

5.5
    E-Commerce-PHP
  • Version(s): 1.0
Published: January 9, 2025

CVE-2022-22491

5.5
    IBM App Connect Enterprise Certified Container
  • Version(s): 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4
Published: January 9, 2025

CVE-2025-21592

5.5
    Juniper Networks Junos OS on SRX Series devices
  • Version(s): All versions before 21.4R3-S8, from 22.2 before 22.2R3-S5, from 22.3 before 22.3R3-S3, from 22.4 before 22.4R3-S2, from 23.2 before 23.2R2-S1, from 23.4 before 23.4R2
Published: January 9, 2025

CVE-2025-21596

5.5
    Juniper Networks Junos OS on SRX1500, SRX4100, SRX4200
  • Version(s): All versions before 21.4R3-S9, from 22.2 before 22.2R3-S5, from 22.3 before 22.3R3-S4, from 22.4 before 22.4R3-S4, from 23.2 before 23.2R2-S3, from 23.4 before 23.4R2-S1
Published: January 9, 2025

CVE-2024-13248

5.5
    Drupal Private content
  • Version(s): 0.0.0 before 2.1.0
Published: January 9, 2025

CVE-2024-13263

5.5
    Opigno group manager
  • Version(s): 0.0.0 before 3.1.1
Published: January 9, 2025

CVE-2024-43176

5.4
    IBM OpenPages
  • Version(s): 9.0
Published: January 9, 2025

CVE-2024-13237

5.4
    Drupal File Entity (fieldable files)
  • Version(s): 7.X-* before 7.X-2.38
Published: January 9, 2025

CVE-2024-13238

5.4
    Drupal Typogrify
  • Version(s): 0.0.0, before 1.3.0
Published: January 9, 2025

CVE-2024-13245

5.4
    Drupal CKEditor 4 LTS - WYSIWYG HTML editor
  • Version(s): 1.0.0, 1.0.1
Published: January 9, 2025

CVE-2024-13249

5.4
    Drupal Node Access Rebuild Progressive
  • Version(s): 7.X-1.0, 7.X-1.1
Published: January 9, 2025

CVE-2024-13252

5.4
    Drupal TacJS
  • Version(s): 0.0.0 before 6.5.0
Published: January 9, 2025

CVE-2024-13273

5.4
    Drupal Open Social
  • Version(s): 0.0.0 - 12.3.8, 12.4.0 - 12.4.5, 13.0.0 - 13.0.0-alpha11
Published: January 9, 2025

CVE-2024-13286

5.4
    Drupal SVG Embed
  • Version(s): 0.0.0, 2.1.2
Published: January 9, 2025

CVE-2024-13287

5.4
    Drupal Views SVG Animation
  • Version(s): 0.0.0 before 1.0.1
Published: January 9, 2025

CVE-2024-42898

5.4
    Nagios XI
  • Version(s): 2024R1.1.4
Published: January 9, 2025

CVE-2024-13289

5.4
    Drupal Cookiebot + GTM
  • Version(s): 0.0.0 before 1.0.18
Published: January 9, 2025

CVE-2024-13294

5.4
    Drupal POST File
  • Version(s): 0.0.0 before 1.0.2
Published: January 9, 2025

CVE-2024-13309

5.4
    Drupal Login Disable
  • Version(s): 2.0.0, 2.0.1, 2.1.0
Published: January 9, 2025

CVE-2024-55226

5.4
    Vaultwarden
  • Version(s): 1.32.5
Published: January 9, 2025

CVE-2024-56376

5.4
    Vanderbilt
  • Redcap
Published: January 9, 2025

CVE-2024-56377

5.4
    Vanderbilt
  • Redcap
Published: January 9, 2025

CVE-2023-27531

5.3
    UNKNOWN
Published: January 9, 2025

CVE-2023-27539

5.3
    Rack
Published: January 9, 2025

CVE-2023-28120

5.3
    Ruby on Rails
  • Version(s): 5.0.x, 5.1.x, 5.2.x, 6.0.x, 6.1.x
Published: January 9, 2025

CVE-2025-0331

5.3
    YunzMall
  • Version(s): up to 2.4.2
Published: January 9, 2025

CVE-2024-13246

5.3
    Drupal Node Access Rebuild Progressive
  • Version(s): 0.0.0 before 2.0.2
Published: January 9, 2025

CVE-2024-13257

5.3
    Drupal Commerce View Receipt
  • Version(s): 0.0.0 before 1.0.3
Published: January 9, 2025

CVE-2024-13266

5.3
    Drupal Responsive and off-canvas menu
  • Version(s): 0.0.0 before 4.4.4
Published: January 9, 2025

CVE-2024-13269

5.3
    Drupal Advanced Varnish
  • Version(s): 0.0.0 before 4.0.11
Published: January 9, 2025

CVE-2024-13274

5.3
    Drupal Open Social
  • Version(s): 0.0.0 - 12.3.8, 12.4.0 - 12.4.5
Published: January 9, 2025

CVE-2024-13275

5.3
    Drupal Security Kit
  • Version(s): 0.0.0 before 2.0.3
Published: January 9, 2025

CVE-2024-13290

5.3
    OhDear Integration for Drupal
  • Version(s): 0.0.0 before 2.0.4
Published: January 9, 2025

CVE-2024-13302

5.3
    Drupal Pages Restriction Access
  • Version(s): 2.0.0 - 2.0.3
Published: January 9, 2025

CVE-2024-13303

5.3
    Drupal Download All Files
  • Version(s): 0.0.0, before 2.0.2
Published: January 9, 2025

CVE-2024-13312

5.3
    Open Social
  • Version(s): 11.8.0 - 12.3.10, 12.4.0 - 12.4.9
Published: January 9, 2025

CVE-2024-12806

4.9
    SonicOS
Published: January 9, 2025

CVE-2024-12717

4.8
    Aklamator INfeed WordPress plugin
  • Version(s): through 2.0.0
Published: January 9, 2025

CVE-2024-13247

4.8
    Drupal Coffee
  • Version(s): 0.0.0 before 1.4.0
Published: January 9, 2025

CVE-2024-13262

4.8
    Drupal View Password
  • Version(s): 0.0.0, 6.0.4
Published: January 9, 2025

CVE-2024-13292

4.8
    Tooltip
  • Version(s): 0.0.0 before 1.1.2
Published: January 9, 2025

CVE-2024-13298

4.8
    Drupal Tarte au Citron
  • Version(s): 2.0.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4
Published: January 9, 2025

CVE-2024-13305

4.8
    Drupal Entity Form Steps
  • Version(s): 0.0.0 before 1.1.4
Published: January 9, 2025

CVE-2024-13201

4.7
    SpringBoot-Blog
  • Version(s): 1.0
Published: January 9, 2025

CVE-2024-13210

4.7
    donglight bookstore电商书城系统说明
  • Version(s): 1.0
Published: January 9, 2025

CVE-2025-0346

4.7
    code-projects Content Management System
  • Version(s): 1.0
Published: January 9, 2025

CVE-2024-13304

4.5
    Drupal Minify JS
  • Version(s): 0.0.0 - 3.0.2
Published: January 9, 2025

CVE-2024-13203

4.3
    E-Commerce-PHP
  • Version(s): 1.0
Published: January 9, 2025

CVE-2024-6324

4.3
    GitLab CE/EE
  • Version(s): 15.7 - 17.5.5, 17.6 - 17.6.3, 17.7 - 17.7.1
Published: January 9, 2025

CVE-2025-20033

4.3
    Mattermost
  • Version(s): 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3
Published: January 9, 2025

CVE-2024-12206

4.3
    WordPress Header Builder Plugin - Pearl
  • Version(s): up to 1.3.8
Published: January 9, 2025

CVE-2024-12249

4.3
    GS Insever Portfolio plugin for WordPress
  • Version(s): up to 1.4.5
Published: January 9, 2025

CVE-2024-12605

4.3
    AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) plugin
  • Version(s): up to 2.3
Published: January 9, 2025

CVE-2024-12616

4.3
    Bitly's WordPress Plugin
  • Version(s): up to 2.7.3
Published: January 9, 2025

CVE-2024-12618

4.3
    Newsletter2Go plugin for WordPress
  • Version(s): up to 4.0.14
Published: January 9, 2025

CVE-2024-5769

4.3
    MIMO Woocommerce Order Tracking plugin for WordPress
  • Version(s): up to 1.0.2
Published: January 9, 2025

CVE-2025-22561

4.3
    Title Experiments Free
  • Version(s): n/a, 9.0.4
Published: January 9, 2025

CVE-2024-13270

4.3
    Drupal Freelinking
  • Version(s): 0.0.0 - 4.0.1
Published: January 9, 2025

CVE-2024-13271

4.3
    Drupal Content Entity Clone
  • Version(s): 0.0.0 before 1.0.4
Published: January 9, 2025

CVE-2024-13288

4.3
    Monster Menus
  • Version(s): 0.0.0 - 9.3.4, 9.4.0 - 9.4.2
Published: January 9, 2025

CVE-2024-10815

4.2
    PostLists WordPress plugin
  • Version(s): through 2.0.2
Published: January 9, 2025

CVE-2024-13041

4.2
    GitLab CE/EE
  • Version(s): 16.4 - 17.5.4, 17.6 - 17.6.2, 17.7 - 17.7.0
Published: January 9, 2025

CVE-2023-28362

4.0
    Ruby on Rails
Published: January 9, 2025

CVE-2025-22449

3.8
    Mattermost
  • Version(s): 9.11.0, 9.11.1, 9.11.2, 9.11.3, 9.11.4, 9.11.5
Published: January 9, 2025

CVE-2024-13308

3.8
    Browser Back Button
  • Version(s): 1.0.0, 2.0.2
Published: January 9, 2025

CVE-2024-13198

3.7
    Mblog Blog System
  • Version(s): 3.5.0
Published: January 9, 2025

CVE-2024-10106

3.7
    UNKNOWN
Published: January 9, 2025

CVE-2025-22151

3.7
    Strawberry GraphQL
  • Version(s): 0.182.0, before 0.257.0
    Django ORM
  • Version(s): UNKNOWN
    SQLAlchemy ORM
  • Version(s): UNKNOWN
    Pydantic ORM
  • Version(s): UNKNOWN
Published: January 9, 2025

CVE-2024-37372

3.6
    UNKNOWN
Published: January 9, 2025

CVE-2024-13196

3.5
    donglight bookstore电商书城系统说明
  • Version(s): 1.0.0
Published: January 9, 2025

CVE-2024-13197

3.5
    donglight bookstore电商书城系统说明
  • Version(s): 1.0.0
Published: January 9, 2025

CVE-2024-13199

3.5
    langhsu Mblog Blog System
  • Version(s): 3.5.0
Published: January 9, 2025

CVE-2024-13213

3.5
    SingMR HouseRent
  • Version(s): 1.0
Published: January 9, 2025

CVE-2025-0339

3.5
    Online Bike Rental
  • Version(s): 1.0
Published: January 9, 2025

CVE-2025-22445

3.5
    Mattermost
  • Version(s): 10.x <= 10.2
Published: January 9, 2025

CVE-2025-0342

3.5
    CampCodes Computer Laboratory Management System
  • Version(s): 1.0
Published: January 9, 2025

CVE-2025-0348

3.5
    CampCodes DepEd Equipment Inventory System
  • Version(s): 1.0
Published: January 9, 2025

CVE-2024-13261

3.5
    Acquia DAM
  • Version(s): 0.0.0 - 1.0.13, 1.1.0 - 1.1.0-beta3
Published: January 9, 2025

CVE-2024-13293

3.1
    Drupal POST File
  • Version(s): 0.0.0 before 1.0.2
Published: January 9, 2025

CVE-2024-13202

2.4
    SpringBoot-Blog
  • Version(s): 1.0
Published: January 9, 2025

CVE-2024-13205

2.4
    E-Commerce-PHP
  • Version(s): 1.0
Published: January 9, 2025

CVE-2024-13209

2.4
    Redaxo CMS
  • Version(s): 5.18.1
Published: January 9, 2025

CVE-2024-43650

None
    Iocharger firmware for AC models
  • Version(s): before 24120701
Published: January 9, 2025

CVE-2024-43651

None
    Iocharger firmware for AC models
  • Version(s): before version 241207101
Published: January 9, 2025

CVE-2024-43655

None
    Iocharger firmware for AC model chargers
  • Version(s): before version 24120701
Published: January 9, 2025

CVE-2024-43658

None
    Iocharger Home
  • Version(s): before firmware version 25010801
Published: January 9, 2025

CVE-2024-43662

None
    Iocharger firmware for AC models
  • Version(s): before version 24120701
Published: January 9, 2025

CVE-2025-22149

None
    JWK Set (JSON Web Key Set)
  • Version(s): 0.5.0, 0.6.0
Published: January 9, 2025
Click here to see more Vulnerabilities