VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Control of Generation of Code ('Code Injection')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-12-21
CVE-2024-11977
The The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.4.10.
network
low complexity
CWE-94
7.3
7.3
2024-12-19
CVE-2024-11740
The The Download Manager plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.3.03.
network
low complexity
CWE-94
7.3
7.3
2024-12-13
CVE-2024-11012
The The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via njt_nofi_text AJAX action in all versions up to, and including, 2.1.4.
network
low complexity
CWE-94
6.3
6.3
2024-12-13
CVE-2024-12417
The The Simple Link Directory plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.4.0.
network
low complexity
CWE-94
6.5
6.5
2024-12-13
CVE-2024-12420
The The WPMobile.App — Android and iOS Mobile Application plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 11.52.
network
low complexity
CWE-94
6.5
6.5
2024-12-13
CVE-2024-12421
The The Coupon Affiliates – Affiliate Plugin for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.16.7.1.
network
low complexity
CWE-94
6.5
6.5
2024-12-12
CVE-2024-12333
The Woodmart theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.0.3.
network
low complexity
CWE-94
6.5
6.5
2024-12-12
CVE-2024-10910
The The Grid Plus – Unlimited grid layout plugin for WordPress is vulnerable to arbitrary shortcode execution via grid_plus_load_by_category AJAX action in all versions up to, and including, 1.3.5.
network
low complexity
CWE-94
7.3
7.3
2024-12-09
CVE-2024-12350
Code Injection vulnerability in Jwillber Jfinalcms 1.0
A vulnerability was found in JFinalCMS 1.0.
network
low complexity
jwillber
CWE-94
8.8
8.8
2024-12-06
CVE-2024-10681
The The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 4.0.51.
network
low complexity
CWE-94
6.3
6.3
«
1
(current)
2
3
4
5
...
100
101
»
Next