Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-01 | CVE-2024-47308 | Missing Authorization vulnerability in Templately Missing Authorization vulnerability in Templately allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Templately: from n/a through 3.1.2. | 9.8 |
2024-11-01 | CVE-2024-47311 | Missing Authorization vulnerability in Kraftplugins Wheel of Life Missing Authorization vulnerability in Kraft Plugins Wheel of Life allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wheel of Life: from n/a through 1.1.8. | 9.8 |
2024-11-01 | CVE-2024-47321 | Missing Authorization vulnerability in Androidbubbles WP Datepicker Missing Authorization vulnerability in Fahad Mahmood WP Datepicker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Datepicker: from n/a through 2.1.1. | 9.8 |
2024-11-01 | CVE-2024-47358 | Missing Authorization vulnerability in Code-Atlantic Popup Maker Missing Authorization vulnerability in Popup Maker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Popup Maker: from n/a through 1.19.2. | 9.8 |
2024-11-01 | CVE-2024-47359 | Missing Authorization vulnerability in Depicter Missing Authorization vulnerability in Depicter Slider and Popup by Averta Depicter Slider allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Depicter Slider: from n/a through 3.2.2. | 9.8 |
2024-11-01 | CVE-2024-10655 | SQL Injection vulnerability in Tongda2000 Office Anywhere 2017 A vulnerability was found in Tongda OA 2017 up to 11.9. | 9.8 |
2024-11-01 | CVE-2024-37094 | Unspecified vulnerability in Stylemixthemes Masterstudy LMS Missing Authorization vulnerability in StylemixThemes MasterStudy LMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MasterStudy LMS: from n/a through 3.2.12. | 9.8 |
2024-11-01 | CVE-2024-10654 | Authorization Bypass Through User-Controlled Key vulnerability in Totolink Lr350 Firmware 9.3.5U.6369B20220309 A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical. | 9.1 |
2024-11-01 | CVE-2024-7456 | SQL Injection vulnerability in Lunary 1.4.2 A SQL injection vulnerability exists in the `/api/v1/external-users` route of lunary-ai/lunary version v1.4.2. | 9.8 |
2024-11-01 | CVE-2024-10616 | SQL Injection vulnerability in Tongda2000 Office Anywhere A vulnerability classified as critical has been found in Tongda OA up to 11.9. | 9.8 |