Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-20 | CVE-2024-49326 | Unrestricted Upload of File with Dangerous Type vulnerability in Vasiliskerasiotis Affiliator Unrestricted Upload of File with Dangerous Type vulnerability in Vasilis Kerasiotis Affiliator allows Upload a Web Shell to a Web Server.This issue affects Affiliator: from n/a through 2.1.3. | 9.8 |
| 2024-10-20 | CVE-2024-49327 | Unrestricted Upload of File with Dangerous Type vulnerability in Asepbagjapriandana Woostagram Connect Unrestricted Upload of File with Dangerous Type vulnerability in Asep Bagja Priandana Woostagram Connect allows Upload a Web Shell to a Web Server.This issue affects Woostagram Connect: from n/a through 1.0.2. | 9.8 |
| 2024-10-20 | CVE-2024-49329 | Unrestricted Upload of File with Dangerous Type vulnerability in Vivektamrakar WP Rest API FNS Unrestricted Upload of File with Dangerous Type vulnerability in Vivek Tamrakar WP REST API FNS allows Upload a Web Shell to a Web Server.This issue affects WP REST API FNS: from n/a through 1.0.0. | 9.8 |
| 2024-10-20 | CVE-2024-49330 | Unrestricted Upload of File with Dangerous Type vulnerability in Brx8R Nice Backgrounds Unrestricted Upload of File with Dangerous Type vulnerability in brx8r Nice Backgrounds allows Upload a Web Shell to a Web Server.This issue affects Nice Backgrounds: from n/a through 1.0. | 9.8 |
| 2024-10-20 | CVE-2024-49332 | Deserialization of Untrusted Data vulnerability in Giveawayboost Giveaway Boost Deserialization of Untrusted Data vulnerability in Giveaway Boost allows Object Injection.This issue affects Giveaway Boost: from n/a through 2.1.4. | 9.8 |
| 2024-10-20 | CVE-2024-49607 | Unrestricted Upload of File with Dangerous Type vulnerability in Redwanhilali WP Dropbox Dropins Unrestricted Upload of File with Dangerous Type vulnerability in Redwan Hilali WP Dropbox Dropins allows Upload a Web Shell to a Web Server.This issue affects WP Dropbox Dropins: from n/a through 1.0. | 9.8 |
| 2024-10-20 | CVE-2024-49610 | Unrestricted Upload of File with Dangerous Type vulnerability in Jackzhu Photokit Unrestricted Upload of File with Dangerous Type vulnerability in Jack Zhu allows Upload a Web Shell to a Web Server.This issue affects photokit: from n/a through 1.0. | 9.8 |
| 2024-10-20 | CVE-2024-49624 | Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System allows Object Injection.This issue affects Advanced Advertising System: from n/a through 1.3.1. | 9.8 |
| 2024-10-20 | CVE-2024-49625 | Deserialization of Untrusted Data vulnerability in Brandonclark Sitebuilder Dynamic Components Deserialization of Untrusted Data vulnerability in Brandon Clark SiteBuilder Dynamic Components allows Object Injection.This issue affects SiteBuilder Dynamic Components: from n/a through 1.0. | 9.8 |
| 2024-10-20 | CVE-2024-49286 | Path Traversal vulnerability in Moridrin SSV Events Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Moridrin SSV Events allows PHP Local File Inclusion.This issue affects SSV Events: from n/a through 3.2.7. | 9.8 |