VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-08-12
CVE-2024-6639
The MDx theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mdx_list_item' shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
6.4
6.4
2024-08-12
CVE-2024-38200
Microsoft Office Spoofing Vulnerability
network
low complexity
CWE-200
7.5
7.5
2024-08-12
CVE-2024-38218
Microsoft Edge (HTML-based) Memory Corruption Vulnerability
local
low complexity
8.4
8.4
2024-08-12
CVE-2024-38219
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
network
high complexity
6.5
6.5
2024-08-12
CVE-2024-4359
The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 5.7.2 via the SVG widget and a lack of sufficient file validation in the render_svg function.
network
low complexity
6.5
6.5
2024-08-12
CVE-2024-4360
The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 5.7.2 due to insufficient input sanitization and output escaping on user supplied attributes like 'title_tag'.
network
low complexity
6.4
6.4
2024-08-12
CVE-2024-6562
The affiliate-toolkit – WordPress Affiliate Plugin plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.5.5.
network
low complexity
5.3
5.3
2024-08-12
CVE-2024-6691
The Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the currency value in all versions up to, and including, 3.3.2 due to insufficient input sanitization and output escaping.
network
high complexity
4.4
4.4
2024-08-12
CVE-2024-6692
The Easy Digital Downloads – Sell Digital Files & Subscriptions (eCommerce Store + Payments Made Easy) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Agreement Text value in all versions up to, and including, 3.3.2 due to insufficient input sanitization and output escaping.
network
high complexity
3.3
3.3
2024-08-12
CVE-2024-6758
Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments.
network
low complexity
CWE-269
6.5
6.5
«
1
(current)
2
3
4
5
...
21787
21788
»
Next