Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-13 | CVE-2024-4371 | Deserialization of Untrusted Data vulnerability in Codexpert Codesigner The CoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.1 via deserialization of untrusted input from the recently_viewed_products cookie. | 9.8 |
| 2024-06-13 | CVE-2024-26029 | Unspecified vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. | 9.8 |
| 2024-06-13 | CVE-2024-3552 | SQL Injection vulnerability in Salephpscripts web Directory Free The Web Directory Free WordPress plugin before 1.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection with different techniques like UNION, Time-Based and Error-Based. | 9.8 |
| 2024-06-13 | CVE-2024-38294 | Unspecified vulnerability in Alcasar ALCASAR before 3.6.1 allows email_registration_back.php remote code execution. | 9.8 |
| 2024-06-13 | CVE-2024-38295 | Unspecified vulnerability in Alcasar ALCASAR before 3.6.1 allows still_connected.php remote code execution. | 9.8 |
| 2024-06-13 | CVE-2024-3922 | SQL Injection vulnerability in Dokan PRO Plugin 3.10.3 The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 9.8 |
| 2024-06-12 | CVE-2024-37036 | Unspecified vulnerability in Schneider-Electric Sage RTU Firmware CWE-787: Out-of-bounds Write vulnerability exists that could result in an authentication bypass when sending a malformed POST request and particular configuration parameters are set. | 9.8 |
| 2024-06-12 | CVE-2024-5898 | Unspecified vulnerability in Angeljudesuarez Payroll Management System 1.0 A vulnerability was found in itsourcecode Payroll Management System 1.0 and classified as critical. | 9.8 |
| 2024-06-12 | CVE-2024-36761 | Out-of-bounds Write vulnerability in Gfx-Rs Naga 0.14.0 naga v0.14.0 was discovered to contain a stack overflow via the component /wgsl/parse/mod.rs. | 9.8 |
| 2024-06-12 | CVE-2024-5896 | Unspecified vulnerability in Oretnom23 Employee and Visitor Gate Pass Logging System 1.0 A vulnerability, which was classified as critical, was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. | 9.8 |