Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-12-13 | CVE-2023-37967 | Missing Authorization vulnerability in Designinvento Directorypress 2.8.0/3.6.0 Missing Authorization vulnerability in Designinvento DirectoryPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through 3.6.2. | 9.8 |
2024-12-13 | CVE-2023-39997 | Missing Authorization vulnerability in Supsystic Popup Missing Authorization vulnerability in supsystic.com Popup by Supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup by Supsystic: from n/a through 1.10.19. | 9.8 |
2024-12-13 | CVE-2023-40003 | Missing Authorization vulnerability in Wedevs WP Project Manager Missing Authorization vulnerability in weDevs WP Project Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Project Manager: from n/a through 2.6.7. | 9.8 |
2024-12-13 | CVE-2023-40005 | Missing Authorization vulnerability in Awesomemotive Easy Digital Downloads Missing Authorization vulnerability in Easy Digital Downloads Easy Digital Downloads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Digital Downloads: from n/a through 3.1.5. | 9.8 |
2024-12-13 | CVE-2023-41875 | Missing Authorization vulnerability in Wpdirectorykit WP Directory KIT Missing Authorization vulnerability in wpdirectorykit.com WP Directory Kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Directory Kit: from n/a through 1.2.6. | 9.8 |
2024-12-13 | CVE-2024-28980 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Dell Recoverpoint for Virtual Machines 6.0 Dell RecoverPoint for VMs, version(s) 6.0.x contain(s) a Use of a Broken or Risky Cryptographic Algorithm vulnerability in the SSH. | 9.8 |
2024-12-13 | CVE-2024-38488 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dell Recoverpoint for Virtual Machines 6.0 Dell RecoverPoint for Virtual Machines 6.0.x contains a vulnerability. | 9.8 |
2024-12-13 | CVE-2024-48007 | Use of Hard-coded Credentials vulnerability in Dell Recoverpoint for Virtual Machines 6.0 Dell RecoverPoint for Virtual Machines 6.0.x contains use of hard-coded credentials vulnerability. | 9.8 |
2024-12-13 | CVE-2024-9290 | The Super Backup & Clone - Migrate for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and a missing capability check on the ibk_restore_migrate_check() function in all versions up to, and including, 2.3.3. | 9.8 |
2024-12-12 | CVE-2024-49147 | Deserialization of Untrusted Data vulnerability in Microsoft Update Catalog Deserialization of untrusted data in Microsoft Update Catalog allows an unauthorized attacker to elevate privileges on the website’s webserver. | 9.8 |