VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-08-12
CVE-2024-7408
Cleartext Transmission of Sensitive Information vulnerability in Airveda Pm2.5 Pm10 Monitor Firmware
This vulnerability exists in Airveda Air Quality Monitor PM2.5 PM10 due to transmission of sensitive information in plain text during AP pairing mode.
low complexity
airveda
CWE-319
6.5
6.5
2024-08-12
CVE-2024-7410
The My Custom CSS PHP & ADS plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.3.
network
low complexity
5.3
5.3
2024-08-12
CVE-2024-7412
The No Update Nag plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.4.12.
network
low complexity
5.3
5.3
2024-08-12
CVE-2024-7413
The Obfuscate Email plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.8.1.
network
low complexity
5.3
5.3
2024-08-12
CVE-2024-7414
The PDF Builder for WPForms plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2.116.
network
low complexity
5.3
5.3
2024-08-12
CVE-2024-7416
The Reveal Template plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 3.7.
network
low complexity
5.3
5.3
2024-08-12
CVE-2024-7512
Cross-site Scripting vulnerability in Concretecms Concrete CMS
Concrete CMS versions 9.0.0 through 9.3.2 are affected by a stored XSS vulnerability in Board instances.
network
low complexity
concretecms
CWE-79
4.8
4.8
2024-08-12
CVE-2024-7574
The Christmasify! plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.5.
network
low complexity
6.1
6.1
2024-08-12
CVE-2024-7621
The Visual Website Collaboration, Feedback & Project Management – Atarim plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the process_wpfeedback_misc_options() function in all versions up to, and including, 4.0.2.
network
low complexity
5.4
5.4
2024-08-12
CVE-2024-7644
Cross-site Scripting vulnerability in Rems Leads Manager Tool 1.0
A vulnerability was found in SourceCodester Leads Manager Tool 1.0.
network
low complexity
rems
CWE-79
5.4
5.4
«
Previous
1
2
...
158
159
160
(current)
161
162
...
11689
11690
»
Next