Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total3
Critical1
High1
Medium1
Reset
Showing 1-3 of 3 records
Threat Entry Updated 2025-05-28

CVE-2024-8673 - Z Downloads Plugin

The Z-Downloads WordPress plugin before 1.11.7 does not properly validate uploaded files allowing for the uploading of SVGs containing malicious JavaScript.

PLUGIN Z Downloads

CVE-2024-8673

CRITICAL CVSS 9.1 2025-05-15
Open Full Technical Breakdown
Threat Entry Updated 2025-05-28

CVE-2024-8699 - Z Downloads Plugin

The Z-Downloads WordPress plugin before 1.11.5 does not properly validate files uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)

PLUGIN Z Downloads

CVE-2024-8699

HIGH CVSS 7.2 2025-05-15
Open Full Technical Breakdown
Threat Entry Updated 2025-05-28

CVE-2024-8703 - Z Downloads Plugin

The Z-Downloads WordPress plugin before 1.11.6 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated visitors to perform Cross-Site Scripting attacks when accessing share URLs.

PLUGIN Z Downloads

CVE-2024-8703

MEDIUM CVSS 6.1 2025-05-15
Open Full Technical Breakdown
Scroll to top