VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-10-26
CVE-2024-9462
The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Stored Cross-Site Scripting via poll settings in all versions up to, and including, 5.4.6 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
5.5
5.5
2024-10-26
CVE-2024-9475
The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to generic SQL Injection via the order_by parameter in all versions up to, and including, 5.4.6 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query.
network
low complexity
CWE-89
4.9
4.9
2024-10-26
CVE-2024-9613
The FormFacade – WordPress plugin for Google Forms plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'userId' and 'publishId' parameters in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
6.1
6.1
2024-10-26
CVE-2024-9890
The User Toolkit plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2.3.
network
low complexity
CWE-288
8.8
8.8
2024-10-26
CVE-2024-9930
The Extensions by HocWP Team plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.2.3.2.
network
low complexity
CWE-288
critical
9.8
9.8
2024-10-26
CVE-2024-9931
The Wux Blog Editor plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.0.0.
network
low complexity
CWE-288
critical
9.8
9.8
2024-10-26
CVE-2024-9932
The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbt_insertImageNew' function in versions up to, and including, 3.0.0.
network
low complexity
CWE-434
critical
9.8
9.8
2024-10-25
CVE-2024-48218
SQL Injection vulnerability in Funadmin 5.0.2
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list.
network
low complexity
funadmin
CWE-89
7.2
7.2
2024-10-25
CVE-2024-48222
SQL Injection vulnerability in Funadmin 5.0.2
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/edit.
network
low complexity
funadmin
CWE-89
7.2
7.2
2024-10-25
CVE-2024-48223
SQL Injection vulnerability in Funadmin 5.0.2
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist.
network
low complexity
funadmin
CWE-89
7.2
7.2
«
Previous
1
2
...
613
614
615
(current)
616
617
...
16446
16447
»
Next