Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-10 | CVE-2024-35677 | Unspecified vulnerability in Stylemixthemes Mega Menu 2.3.12 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes MegaMenu allows PHP Local File Inclusion.This issue affects MegaMenu: from n/a through 2.3.12. | 9.8 |
| 2024-06-10 | CVE-2024-1228 | Use of Hard-coded Credentials vulnerability in Eurosoft Przychodnia Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive data stored in the database. | 9.8 |
| 2024-06-10 | CVE-2024-3699 | Use of Hard-coded Credentials vulnerability in Dreryk Gabinet 7.0.0.0 Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive data stored in the database. | 9.8 |
| 2024-06-10 | CVE-2024-3700 | Use of Hard-coded Credentials vulnerability in Estomed Simple Care Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive data stored in the database. | 9.8 |
| 2024-06-10 | CVE-2024-35735 | Unspecified vulnerability in Codepeople WP Time Slots Booking Form Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.2.11. | 9.8 |
| 2024-06-09 | CVE-2024-4577 | OS Command Injection vulnerability in multiple products In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. | 9.8 |
| 2024-06-09 | CVE-2024-31275 | Unspecified vulnerability in Metagauss Eventprime Missing Authorization vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n/a through 3.3.4. | 9.8 |
| 2024-06-09 | CVE-2024-31276 | Unspecified vulnerability in Wpfactory Products, Order & Customers Export for Woocommerce Missing Authorization vulnerability in WPFactory Products, Order & Customers Export for WooCommerce.This issue affects Products, Order & Customers Export for WooCommerce: from n/a through 2.0.8. | 9.8 |
| 2024-06-09 | CVE-2024-31283 | Unspecified vulnerability in Zorem Advanced Local Pickup for Woocommerce Missing Authorization vulnerability in zorem Advanced Local Pickup for WooCommerce.This issue affects Advanced Local Pickup for WooCommerce: from n/a through 1.6.2. | 9.8 |
| 2024-06-09 | CVE-2024-31284 | Unspecified vulnerability in Wpdeveloper Embedpress Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a through 3.9.8. | 9.8 |