VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-04-05
CVE-2024-13604
The KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.4 via the 'kbs' directory.
network
low complexity
CWE-200
7.5
7.5
2025-04-05
CVE-2025-0810
The Read More & Accordion plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.4.5.
network
high complexity
CWE-352
7.5
7.5
2025-04-05
CVE-2025-2933
The Email Notifications for Updates plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the awun_import_settings() function in all versions up to, and including, 1.1.6.
network
low complexity
CWE-862
8.8
8.8
2025-04-04
CVE-2025-3267
SQL Injection vulnerability in Qinguoyi Tinywebserver 1.0
A vulnerability, which was classified as critical, was found in qinguoyi TinyWebServer up to 1.0.
network
low complexity
qinguoyi
CWE-89
8.8
8.8
2025-04-04
CVE-2025-3259
Out-of-bounds Write vulnerability in Tenda RX3 Firmware 16.03.13.11Multi
A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11.
network
low complexity
tenda
CWE-787
8.8
8.8
2025-04-04
CVE-2025-3258
A vulnerability classified as critical was found in PHPGurukul Old Age Home Management System 1.0.
network
low complexity
CWE-74
7.3
7.3
2025-04-04
CVE-2025-32220
Missing Authorization vulnerability in Salonbookingsystem Salon Booking System
Missing Authorization vulnerability in Dimitri Grassi Salon booking system allows Exploiting Incorrectly Configured Access Control Security Levels.
network
low complexity
salonbookingsystem
CWE-862
8.8
8.8
2025-04-04
CVE-2025-32280
Cross-Site Request Forgery (CSRF) vulnerability in Wedevs WP Project Manager
Cross-Site Request Forgery (CSRF) vulnerability in weDevs WP Project Manager allows Cross Site Request Forgery.
network
low complexity
wedevs
CWE-352
8.8
8.8
2025-04-04
CVE-2025-3239
A vulnerability classified as critical was found in PHPGurukul Online Fire Reporting System 1.2.
network
low complexity
CWE-74
7.3
7.3
2025-04-04
CVE-2025-3240
A vulnerability, which was classified as critical, has been found in PHPGurukul Online Fire Reporting System 1.2.
network
low complexity
CWE-74
7.3
7.3
«
Previous
1
2
...
19
20
21
(current)
22
23
...
6796
6797
»
Next