Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2024-06-18 CVE-2023-5527 The Business Directory Plugin plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 6.4.3 via the class-csv-exporter.php file.
network
low complexity
7.4
2024-06-17 CVE-2024-6045 Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor.
low complexity
CWE-912
8.8
2024-06-15 CVE-2024-6000 The FooEvents for WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary file uploads due to an improper capability setting on the 'display_ticket_themes_page' function in versions up to, and including, 1.19.20.
network
high complexity
7.1
2024-06-15 CVE-2023-6696 The Popup Builder – Create highly converting, mobile friendly marketing popups.
network
low complexity
8.1
2024-06-15 CVE-2024-2544 The Popup Builder plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on all AJAX actions.
network
low complexity
7.4
2024-06-15 CVE-2024-3813 The tagDiv Composer plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.8 via the 'td_block_title' shortcode 'block_template_id' attribute.
network
low complexity
8.8
2024-06-14 CVE-2024-2024 The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_folders_file_upload' function in all versions up to, and including, 3.0.2.
network
low complexity
8.8
2024-06-14 CVE-2024-5996 The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session.
network
low complexity
CWE-319
8.8
2024-06-14 CVE-2024-5995 The notification emails sent by Soar Cloud HR Portal contain a link with a embedded session.
network
low complexity
CWE-613
8.8
2024-06-14 CVE-2024-31162 The specific function parameter of ASUS Download Master does not properly filter user input.
network
low complexity
7.2