Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-18 | CVE-2024-10118 | SECOM WRTR-304GN-304TW-UPSC does not properly filter user input in the specific functionality. | 9.8 |
| 2024-10-17 | CVE-2024-43566 | Unspecified vulnerability in Microsoft Edge Chromium Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 9.8 |
| 2024-10-17 | CVE-2024-49217 | Unspecified vulnerability in Madirisalmanaashish Adding Drop Down Roles in Registration Incorrect Privilege Assignment vulnerability in Madiri Salman Aashish Adding drop down roles in registration allows Privilege Escalation.This issue affects Adding drop down roles in registration: from n/a through 1.1. | 9.8 |
| 2024-10-17 | CVE-2005-10003 | OS Command Injection vulnerability in Mikexstudios Xcomic A vulnerability classified as critical has been found in mikexstudios Xcomic up to 0.8.2. | 9.8 |
| 2024-10-17 | CVE-2024-9862 | Authorization Bypass Through User-Controlled Key vulnerability in Miniorange OTP Verification With Firebase The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to Arbitrary User Password Change in versions up to, and including, 3.6.0. | 9.8 |
| 2024-10-17 | CVE-2024-9863 | The UserPro plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 3.6.0 due to the insecure 'administrator' default value for the 'default_user_role' option. | 9.8 |
| 2024-10-16 | CVE-2024-9893 | The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 3.1.14. | 9.8 |
| 2024-10-16 | CVE-2024-10021 | SQL Injection vulnerability in Code-Projects Pharmacy Management System 1.0 A vulnerability was found in code-projects Pharmacy Management System 1.0. | 9.8 |
| 2024-10-16 | CVE-2024-10022 | SQL Injection vulnerability in Code-Projects Pharmacy Management System 1.0 A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0. | 9.8 |
| 2024-10-16 | CVE-2016-15042 | Unrestricted Upload of File with Dangerous Type vulnerability in Najeebmedia Frontend File Manager and Post Front-End Form The Frontend File Manager (versions < 4.0), N-Media Post Front-end Form (versions < 1.1) plugins for WordPress are vulnerable to arbitrary file uploads due to missing file type validation via the `nm_filemanager_upload_file` and `nm_postfront_upload_file` AJAX actions. | 9.8 |