| Page(s) : 1 ... 341 342 343 344 345 346 347 348 349 350 [351] 352 353 354 355 356 357 358 359 360 361 ... | Result(s) : 43290 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2023-06-07 | CVE-2020-36726 | cve | The Ultimate Reviews plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.1.32 via deserialization of untrusted input in several vulner... |
| 9.8 | 2023-06-07 | CVE-2020-36727 | cve | The Newsletter Manager plugin for WordPress is vulnerable to insecure deserialization in versions up to, and including, 1.5.1. This is due to unsanitized input from the 'cu... |
| 9.3 | 2023-06-07 | CVE-2020-36730 | cve | The CMP for WordPress is vulnerable to authorization bypass due to a missing capability check on the cmp_get_post_detail(), niteo_export_csv(), and cmp_disable_comingsoon_ajax()... |
| 9.8 | 2023-06-07 | CVE-2021-4341 | cve | The uListing plugin for WordPress is vulnerable to authorization bypass via Ajax due to missing capability checks, missing input validation, and a missing security nonce in the ... |
| 9.8 | 2023-06-07 | CVE-2021-4343 | cve | The Unauthenticated Account Creation plugin for WordPress is vulnerable to Unauthenticated Account Creation in versions up to, and including, 1.6.6. This is due to the stm_listi... |
| 9.8 | 2023-06-07 | CVE-2021-4356 | cve | The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Download in versions up to, and including, 18.2. This is due to lacking authenti... |
| 9.8 | 2023-06-07 | CVE-2021-4362 | cve | The Kiwi Social Share plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the kiwi_social_share_get_option() function called via the ... |
| 9.8 | 2023-06-07 | CVE-2021-4370 | cve | The uListing plugin for WordPress is vulnerable to authorization bypass as most actions and endpoints are accessible to unauthenticated users, lack security nonces, and data is ... |
| 9.8 | 2023-06-07 | CVE-2021-4374 | cve | The WordPress Automatic Plugin for WordPress is vulnerable to arbitrary options updates in versions up to, and including, 3.53.2. This is due to missing authorization and option... |
| 9.8 | 2023-06-07 | CVE-2021-4381 | cve | The uListing plugin for WordPress is vulnerable to authorization bypass via wp_route due to missing capability checks, and a missing security nonce, in the StmListingSingleLayou... |
| 9.1 | 2023-06-07 | CVE-2023-33604 | cve | Imperial CMS v7.5 was discovered to contain an arbitrary file deletion vulnerability via the DelspReFile function in /sp/ListSp.php. This vulnerability is exploited by attackers... |
| 9.8 | 2023-06-06 | CVE-2023-29632 | cve | PrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajax_jmspagebuilder.php. |
| 9.8 | 2023-06-06 | CVE-2023-34409 | cve | In Percona Monitoring and Management (PMM) server 2.x before 2.37.1, the authenticate function in auth_server.go does not properly formalize and sanitize URL paths to reject pat... |
| 9.8 | 2023-06-06 | CVE-2023-31569 | cve | TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection via the setWanCfg function. |
| 9.8 | 2023-06-06 | CVE-2023-33532 | cve | There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0.4.48. If an attacker gains web management privileges, they can inject commands i... |
| 9.8 | 2023-06-06 | CVE-2023-34111 | cve | The `Release PR Merged` workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the g... |
| 9.8 | 2023-06-06 | CVE-2023-32540 | cve | In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file overwrite vulnerability, which could allow an attacker to overwrite any file in the operating system (i... |
| 9.8 | 2023-06-06 | CVE-2023-32628 | cve | In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to modify the file extension of a certificate fil... |
| 9.8 | 2023-06-05 | CVE-2023-29629 | cve | PrestaShop jmsthemelayout 2.5.5 is vulnerable to SQL Injection via ajax_jmsvermegamenu.php. |
| 9.8 | 2023-06-05 | CVE-2023-29630 | cve | PrestaShop jmsmegamenu 1.1.x and 2.0.x is vulnerable to SQL Injection via ajax_jmsmegamenu.php. |
| Page(s) : 1 ... 341 342 343 344 345 346 347 348 349 350 [351] 352 353 354 355 356 357 358 359 360 361 ... | Result(s) : 43290 |
