| 2025-01-08 | CVE-2024-11613 | The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution, Arbitrary File Read, and Arbitrary File Deletion in all versions up to, and including, 4.24.15 via the 'wfu_file_downloader.php' file. network low complexity CWE-94 critical | 9.8 |
| 2025-01-08 | CVE-2023-52953 | Path Traversal vulnerability in Huawei Emui and Harmonyos
Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | 9.1 |
| 2025-01-07 | CVE-2024-12252 | The SEO LAT Auto Post plugin for WordPress is vulnerable to file overwrite due to a missing capability check on the remote_update AJAX action in all versions up to, and including, 2.2.1. network low complexity CWE-94 critical | 9.8 |
| 2025-01-07 | CVE-2024-12264 | The PayU CommercePro Plugin plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.8.3. network low complexity CWE-287 critical | 9.8 |
| 2025-01-07 | CVE-2024-12470 | The School Management System – SakolaWP plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.0.8. network low complexity CWE-266 critical | 9.8 |
| 2025-01-07 | CVE-2024-12402 | The Themes Coder – Create Android & iOS Apps For Your Woocommerce Site plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.3.4. network low complexity CWE-288 critical | 9.8 |
| 2025-01-05 | CVE-2025-0233 | SQL Injection vulnerability in Codezips Project Management System 1.0
A vulnerability was found in Codezips Project Management System 1.0. | 9.8 |
| 2025-01-05 | CVE-2025-0230 | SQL Injection vulnerability in Fabianros Responsive Hotel Site 1.0
A vulnerability, which was classified as critical, was found in code-projects Responsive Hotel Site 1.0. | 9.8 |
| 2025-01-05 | CVE-2025-0229 | SQL Injection vulnerability in Fabianros Travel Management System 1.0
A vulnerability, which was classified as critical, has been found in code-projects Travel Management System 1.0. | 9.8 |
| 2025-01-05 | CVE-2024-13136 | Deserialization of Untrusted Data vulnerability in Wangl1989 Mysiteforme 1.0
A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. | 9.8 |