Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2024-10-26 CVE-2024-8392 The WordPress Post Grid Layouts with Pagination – Sogrid plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.5.2 via the 'tab' parameter.
network
low complexity
CWE-98
7.2
7.2
2024-10-26 CVE-2024-9637 The School Management System – WPSchoolPress plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.2.10.
network
low complexity
CWE-639
8.8
8.8
2024-10-26 CVE-2024-9890 The User Toolkit plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.2.3.
network
low complexity
CWE-288
8.8
8.8
2024-10-25 CVE-2024-48218 SQL Injection vulnerability in Funadmin 5.0.2
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list.
network
low complexity
funadmin CWE-89
7.2
7.2
2024-10-25 CVE-2024-48222 SQL Injection vulnerability in Funadmin 5.0.2
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/edit.
network
low complexity
funadmin CWE-89
7.2
7.2
2024-10-25 CVE-2024-48223 SQL Injection vulnerability in Funadmin 5.0.2
Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist.
network
low complexity
funadmin CWE-89
7.2
7.2
2024-10-25 CVE-2024-48226 SQL Injection vulnerability in Funadmin 5.0.2
Funadmin 5.0.2 is vulnerable to SQL Injection in curd/table/savefield.
network
low complexity
funadmin CWE-89
7.2
7.2
2024-10-25 CVE-2024-48229 SQL Injection vulnerability in Funadmin 5.0.2
funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click command mode plugin.
network
low complexity
funadmin CWE-89
7.2
7.2
2024-10-25 CVE-2024-48230 SQL Injection vulnerability in Funadmin 5.0.2
funadmin 5.0.2 is vulnerable to SQL Injection via the parentField parameter in the index method of \backend\controller\auth\Auth.php.
network
low complexity
funadmin CWE-89
7.2
7.2
2024-10-25 CVE-2024-49767 Unspecified vulnerability in Palletsprojects Werkzeug
Werkzeug is a Web Server Gateway Interface web application library.
network
low complexity
palletsprojects
7.5
7.5