VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-10-30
CVE-2024-8512
The W3SPEEDSTER plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 7.26 via the 'script' parameter of the hookBeforeStartOptimization() function.
network
low complexity
CWE-95
critical
9.1
9.1