High Vulnerabilities
Primary
Vendor — Product
Description
Published
CVSS Score
Source & Patch Info
abdul_hakeem — build_app_online
Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege Escalation.This issue affects Build App Online: from n/a through 1.0.19.
2024-04-25
9.8
CVE-2023-51478
algolplus — advanced_order_export_for_woocommerce
Improper Control of Generation of Code (‘Code Injection’) vulnerability in AlgolPlus Advanced Order Export For WooCommerce allows Code Injection.This issue affects Advanced Order Export For WooCommerce: from n/a through 3.4.4.
2024-04-25
9.1
CVE-2024-31266
andondesign — udesign
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in AndonDesign UDesign allows Reflected XSS.This issue affects UDesign: from n/a through 4.7.3.
2024-04-25
7.1
CVE-2024-4077
ant-media — ant-media-server
Ant Media Server is live streaming engine software. A local privilege escalation vulnerability in present in versions 2.6.0 through 2.8.2 allows any unprivileged operating system user account to escalate privileges to the root user account on the system. This vulnerability arises from Ant Media Server running with Java Management Extensions (JMX) enabled and authentication disabled on localhost on port 5599/TCP. This vulnerability is nearly identical to the local privilege