Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-26 | CVE-2024-9931 | The Wux Blog Editor plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.0.0. | 9.8 |
| 2024-10-26 | CVE-2024-9932 | The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbt_insertImageNew' function in versions up to, and including, 3.0.0. | 9.8 |
| 2024-10-25 | CVE-2024-48218 | SQL Injection vulnerability in Funadmin 5.0.2 Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list. | 7.2 |
| 2024-10-25 | CVE-2024-48222 | SQL Injection vulnerability in Funadmin 5.0.2 Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/edit. | 7.2 |
| 2024-10-25 | CVE-2024-48223 | SQL Injection vulnerability in Funadmin 5.0.2 Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist. | 7.2 |
| 2024-10-25 | CVE-2024-48224 | Path Traversal vulnerability in Funadmin 5.0.2 Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile. | 4.9 |
| 2024-10-25 | CVE-2024-48225 | Unspecified vulnerability in Funadmin 5.0.2 Funadmin v5.0.2 has an arbitrary file deletion vulnerability in /curd/index/delfile. | 6.5 |
| 2024-10-25 | CVE-2024-48226 | SQL Injection vulnerability in Funadmin 5.0.2 Funadmin 5.0.2 is vulnerable to SQL Injection in curd/table/savefield. | 7.2 |
| 2024-10-25 | CVE-2024-48227 | Unspecified vulnerability in Funadmin 5.0.2 Funadmin 5.0.2 has a logical flaw in the Curd one click command deletion function, which can result in a Denial of Service (DOS). | 4.9 |
| 2024-10-25 | CVE-2024-48229 | SQL Injection vulnerability in Funadmin 5.0.2 funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click command mode plugin. | 7.2 |