Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2024-12-17 CVE-2024-8326 The s2Member – Excellent for All Kinds of Memberships, Content Restriction Paywalls & Member Access Subscriptions plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 241114 via the 'sc_get_details' function.
network
low complexity
CWE-200
8.8
8.8
2024-12-17 CVE-2024-12293 The User Role Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.64.3.
network
low complexity
CWE-352
8.8
8.8
2024-12-17 CVE-2024-9624 The WP All Import Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.9.3 due to missing SSRF protection on the pmxi_curl_download function.
network
low complexity
CWE-918
7.6
7.6
2024-12-16 CVE-2024-12666 Unspecified vulnerability in Classcms
A vulnerability has been found in ClassCMS up to 4.8 and classified as critical.
network
low complexity
classcms
8.8
8.8
2024-12-16 CVE-2024-4762 An improper validation vulnerability was reported in the firmware update mechanism of LADM and LDCC that could allow a local attacker to escalate privileges.
local
low complexity
 7.8
7.8
2024-12-16 CVE-2024-6001 An improper certificate validation vulnerability was reported in LADM that could allow a network attacker with the ability to redirect an update request to a remote server and execute code with elevated privileges.
network
high complexity
 8.1
8.1
2024-12-16 CVE-2024-12642 TenderDocTransfer from Chunghwa Telecom has an Arbitrary File Write vulnerability.
network
low complexity
CWE-23
8.1
8.1
2024-12-16 CVE-2024-12643 The tbm-client from Chunghwa Telecom has an Arbitrary File Delete vulnerability.
network
low complexity
CWE-36
8.1
8.1
2024-12-16 CVE-2024-12644 The tbm-client from Chunghwa Telecom has an Arbitrary File vulnerability.
network
low complexity
CWE-36
7.1
7.1
2024-12-16 CVE-2024-12646 The topm-client from Chunghwa Telecom has an Arbitrary File Delete vulnerability.
network
low complexity
CWE-36
8.1
8.1