Vulnerabilities > Improper Control of Generation of Code ('Code Injection')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-12 | CVE-2024-8760 | The Stackable – Page Builder Gutenberg Blocks plugin for WordPress is vulnerable to CSS Injection in all versions up to, and including, 3.13.6. | 5.3 |
2024-10-10 | CVE-2024-9581 | Code Injection vulnerability in Happyplugins Shortcodes Anywhere The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. | 7.3 |
2024-10-07 | CVE-2024-43363 | Code Injection vulnerability in Cacti Cacti is an open source performance and fault management framework. | 7.2 |
2024-10-02 | CVE-2024-8254 | Code Injection vulnerability in Icegram Email Subscribers & Newsletters The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.7.34. | 6.3 |
2024-09-25 | CVE-2024-46489 | Code Injection vulnerability in Ferrislucas Promptr 6.0.7 A remote command execution (RCE) vulnerability in promptr v6.0.7 allows attackers to execute arbitrary commands via a crafted URL. | 8.8 |
2024-09-25 | CVE-2024-8481 | Code Injection vulnerability in Blogcoding Special Text Boxes The The Special Text Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 6.2.2. | 7.3 |
2024-09-24 | CVE-2024-8623 | Code Injection vulnerability in Pluginus Wordpress Meta Data and Taxonomies Filter The The MDTF – Meta Data and Taxonomies Filter plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.3.3.3. | 7.3 |
2024-09-23 | CVE-2024-0004 | Code Injection vulnerability in Purestorage Purity//Fa A condition exists in FlashArray Purity whereby an user with array admin role can execute arbitrary commands remotely to escalate privilege on the array. | 7.2 |
2024-09-19 | CVE-2024-9006 | Code Injection vulnerability in Jeanmarc77 123Solar 1.8.4.5 A vulnerability was found in jeanmarc77 123solar 1.8.4.5. | 8.8 |
2024-09-16 | CVE-2024-44623 | Code Injection vulnerability in SPX Graphics Controller An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the child_process.js function. | 9.8 |