VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-12-17
CVE-2024-11900
The Portfolio – Filterable Masonry Portfolio Gallery for Professionals plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'portfolio-pro' shortcode in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2024-12-17
CVE-2024-11902
The Slope Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'slope-reservations' shortcode in all versions up to, and including, 4.2.11 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2024-12-17
CVE-2024-11905
The Animated Counters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'animatedcounte' shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2024-12-17
CVE-2024-11906
The TPG Get Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tpg_get_posts' shortcode in all versions up to, and including, 3.6.5 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2024-12-16
CVE-2024-12443
The CRM Perks – WordPress HelpDesk Integration – Zendesk, Freshdesk, HelpScout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'crm-perks-tickets' shortcode in all versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2024-12-16
CVE-2024-12664
Cross-site Scripting vulnerability in Ruifang-Tech Rebuild 3.8.5
A vulnerability, which was classified as problematic, has been found in ruifang-tech Rebuild 3.8.5.
network
low complexity
ruifang-tech
CWE-79
5.4
5.4
2024-12-16
CVE-2024-12665
Cross-site Scripting vulnerability in Ruifang-Tech Rebuild 3.8.5
A vulnerability, which was classified as problematic, was found in ruifang-tech Rebuild 3.8.5.
network
low complexity
ruifang-tech
CWE-79
5.4
5.4
2024-12-16
CVE-2024-12666
Unspecified vulnerability in Classcms
A vulnerability has been found in ClassCMS up to 4.8 and classified as critical.
network
low complexity
classcms
8.8
8.8
2024-12-16
CVE-2024-12667
Insufficient Session Expiration vulnerability in Invoiceplane
A vulnerability was found in InvoicePlane up to 1.6.1 and classified as problematic.
network
high complexity
invoiceplane
CWE-613
5.9
5.9
2024-12-16
CVE-2024-12662
NULL Pointer Dereference vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58/14.2.0.220
A vulnerability classified as problematic has been found in IObit Advanced SystemCare Utimate up to 17.0.0.
local
low complexity
iobit
CWE-476
5.5
5.5
«
Previous
1
2
...
242
243
244
(current)
245
246
...
16385
16386
»
Next