Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-06 | CVE-2021-32568 | Deserialization of Untrusted Data vulnerability in Mrdoc: mrdoc is vulnerable to Deserialization of Untrusted Data. | 7.8 |
2021-09-06 | CVE-2021-36744 | Link Following vulnerability in Trendmicro products: Trend Micro Security (Consumer) 2021 and 2020 are vulnerable to a directory junction vulnerability which could allow an attacker to exploit the system to escalate privileges and create a denial of service. | 7.8 |
2021-09-06 | CVE-2021-3770 | vim is vulnerable to Heap-based Buffer Overflow. | 7.8 |
2021-09-06 | CVE-2021-24303 | SQL Injection vulnerability in Jiangqie Official Website Mini Program 1.0/1.0.5/1.1.0: The JiangQie Official Website Mini Program WordPress plugin before 1.1.1 does not escape or validate the id GET parameter before using it in SQL statements, leading to SQL injection issues. | 8.8 |
2021-09-06 | CVE-2021-24390 | Unspecified vulnerability in Alipay Project Alipay A proid GET parameter of the WordPress???Alipay|???Tenpay|??PayPal???? WordPress plugin through 3.7.2 is not sanitised, properly escaped or validated before inserting to a SQL statement not delimited by quotes, leading to SQL injection. | 7.2 |
2021-09-06 | CVE-2021-24391 | SQL Injection vulnerability in Cashtomer Project Cashtomer 1.0.0: An editid GET parameter of the Cashtomer WordPress plugin through 1.0.0 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. | 8.8 |
2021-09-06 | CVE-2021-24392 | SQL Injection vulnerability in Swiftcrm Club-Management-Software 1.0: An id GET parameter of the WordPress Membership SwiftCloud.io WordPress plugin through 1.0 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. | 7.2 |
2021-09-06 | CVE-2021-24393 | SQL Injection vulnerability in Comment Highlighter Project Comment Highlighter 0.13: A c GET parameter of the Comment Highlighter WordPress plugin through 0.13 is not properly sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. | 7.2 |
2021-09-06 | CVE-2021-24394 | SQL Injection vulnerability in Easy Testimonial Manager Project Easy Testimonial Manager 1.2.0: An id GET parameter of the Easy Testimonial Manager WordPress plugin through 1.2.0 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. | 7.2 |
2021-09-06 | CVE-2021-24395 | SQL Injection vulnerability in Geekwebsolution Embed Youtube Video 1.0: The editid GET parameter of the Embed Youtube Video WordPress plugin through 1.0 is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. | 7.2 |