Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-26 | CVE-2024-9931 | The Wux Blog Editor plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.0.0. | 9.8 |
| 2024-10-26 | CVE-2024-9932 | The Wux Blog Editor plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'wuxbt_insertImageNew' function in versions up to, and including, 3.0.0. | 9.8 |
| 2024-10-25 | CVE-2024-10386 | Unspecified vulnerability in Rockwellautomation Thinmanager CVE-2024-10386 IMPACT An authentication vulnerability exists in the affected product. | 9.8 |
| 2024-10-25 | CVE-2024-48428 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Olivegroup Olivevle An issue in Olive VLE allows an attacker to obtain sensitive information via the reset password function. | 9.8 |
| 2024-10-25 | CVE-2024-10381 | Unspecified vulnerability in Matrixcomsec Cosec Vega Faxq Firmware This vulnerability exists in Matrix Door Controller Cosec Vega FAXQ due to improper implementation of session management at the web-based management interface. | 9.8 |
| 2024-10-25 | CVE-2024-10378 | SQL Injection vulnerability in Esafenet CDG 5 A vulnerability classified as critical has been found in ESAFENET CDG 5. | 9.8 |
| 2024-10-25 | CVE-2024-10376 | SQL Injection vulnerability in Esafenet CDG 5 A vulnerability was found in ESAFENET CDG 5. | 9.8 |
| 2024-10-25 | CVE-2024-10377 | SQL Injection vulnerability in Esafenet CDG 5 A vulnerability was found in ESAFENET CDG 5. | 9.8 |
| 2024-10-25 | CVE-2024-47406 | Missing Authentication for Critical Function vulnerability in multiple products Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability. | 9.8 |
| 2024-10-25 | CVE-2024-9302 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Appcheap APP Builder The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.3.7. | 9.8 |