VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-01-26
CVE-2024-10633
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.8.0 (Business), up to, and including, 21.8.0 (Developer), and up to, and including, 31.8.0 (Agency).
network
low complexity
CWE-95
7.3
7.3
2024-10-30
CVE-2024-8512
The W3SPEEDSTER plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 7.26 via the 'script' parameter of the hookBeforeStartOptimization() function.
network
low complexity
CWE-95
critical
9.1
9.1