VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-01-11
CVE-2024-12472
The Post Duplicator plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.36 via the mtphr_duplicate_post() due to insufficient restrictions on which posts can be duplicated.
network
low complexity
CWE-639
5.3
5.3
2025-01-11
CVE-2024-12505
The Trackserver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tsmap' shortcode in all versions up to, and including, 5.0.2 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2025-01-11
CVE-2024-12627
The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.5 via deserialization of untrusted input from post content passed to the capture_email AJAX action.
network
high complexity
CWE-502
7.5
7.5
2025-01-10
CVE-2025-23110
Cross-site Scripting vulnerability in Vanderbilt Redcap 14.9.6
An issue was discovered in REDCap 14.9.6.
network
low complexity
vanderbilt
CWE-79
6.1
6.1
2025-01-10
CVE-2025-23111
Cross-site Scripting vulnerability in Vanderbilt Redcap 14.9.6
An issue was discovered in REDCap 14.9.6.
network
low complexity
vanderbilt
CWE-79
6.1
6.1
2025-01-10
CVE-2025-23112
Cross-site Scripting vulnerability in Vanderbilt Redcap 14.9.6
An issue was discovered in REDCap 14.9.6.
network
low complexity
vanderbilt
CWE-79
6.1
6.1
2025-01-10
CVE-2025-23113
Cross-Site Request Forgery (CSRF) vulnerability in Vanderbilt Redcap 14.9.6
An issue was discovered in REDCap 14.9.6.
network
low complexity
vanderbilt
CWE-352
8.8
8.8
2025-01-10
CVE-2024-56511
Unspecified vulnerability in Dataease
DataEase is an open source data visualization analysis tool.
network
low complexity
dataease
critical
9.8
9.8
2025-01-10
CVE-2025-23022
Integer Overflow or Wraparound vulnerability in Freetype 2.8.1
FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c.
local
low complexity
freetype
CWE-190
6.2
6.2
2025-01-10
CVE-2024-41787
IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 could allow a remote attacker to bypass security restrictions, caused by a race condition.
network
low complexity
CWE-367
critical
9.8
9.8
«
Previous
1
2
...
418
419
420
(current)
421
422
...
16826
16827
»
Next