VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-09-26
CVE-2024-43191
IBM ManageIQ could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted yaml file request.
network
low complexity
CWE-502
7.2
7.2
2024-09-26
CVE-2024-7259
A flaw was found in oVirt.
network
high complexity
CWE-312
4.4
4.4
2024-09-26
CVE-2024-8771
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'preview_email_template_design' function in all versions up to, and including, 5.7.34.
network
low complexity
CWE-862
4.3
4.3
2024-09-26
CVE-2023-46175
IBM Cloud Pak for Multicloud Management 2.3 through 2.3 FP8 stores user credentials in a log file plain clear text which can be read by a privileged user.
network
high complexity
4.4
4.4
2024-09-26
CVE-2024-9177
The Themedy Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's themedy_col, themedy_social_link, themedy_alertbox, and themedy_pullleft shortcodes in all versions up to, and including, 1.0.14, and up to, and including 1.0.15 for the plugin's themedy_button shortcode due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
CWE-79
6.4
6.4
2024-09-26
CVE-2024-8633
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.15.27 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
5.5
5.5
2024-09-26
CVE-2024-8126
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.8.
network
high complexity
CWE-434
7.5
7.5
2024-09-26
CVE-2024-8704
The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 5.2.8 via the 'fma_locale' parameter.
network
low complexity
7.2
7.2
2024-09-26
CVE-2024-8725
Multiple plugins and/or themes for WordPress are vulnerable to Limited File Upload in various versions.
network
high complexity
CWE-434
6.8
6.8
2024-09-26
CVE-2022-4541
The WordPress Visitors plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a spoofed HTTP Header value in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
7.2
7.2
«
1
(current)
2
3
4
5
...
22211
22212
»
Next