VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2024-06-11
CVE-2020-11843
Unspecified vulnerability in Netiq Access Manager
This allows the information exposure to unauthorized users. This issue affects NetIQ Access Manager using version 4.5 or before
network
low complexity
netiq
6.5
6.5
2024-06-11
CVE-2024-4266
The MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.8.8 via the 'handle_file' function.
network
low complexity
5.3
5.3
2024-06-11
CVE-2024-31398
Unspecified vulnerability in Cybozu Garoon
Insertion of sensitive information into sent data issue exists in Cybozu Garoon 5.0.0 to 5.15.2.
network
low complexity
cybozu
4.3
4.3
2024-06-11
CVE-2024-31399
Unspecified vulnerability in Cybozu Garoon
Excessive platform resource consumption within a loop issue exists in Cybozu Garoon 5.0.0 to 5.15.2.
network
low complexity
cybozu
6.5
6.5
2024-06-11
CVE-2024-31402
Incorrect Authorization vulnerability in Cybozu Garoon
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker to delete the data of Shared To-Dos.
network
low complexity
cybozu
CWE-863
4.3
4.3
2024-06-11
CVE-2024-3723
The Advanced Contact form 7 DB plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.2 via the wp-content/uploads/advanced-cf7-upload directory.
network
low complexity
5.3
5.3
2024-06-11
CVE-2024-4319
The Advanced Contact form 7 DB plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'vsz_cf7_export_to_excel' function in versions up to, and including, 2.0.2.
network
low complexity
5.3
5.3
2024-06-11
CVE-2024-5530
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +12 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's WL: Product Horizontal Filter widget in all versions up to, and including, 2.9.0 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
6.4
6.4
2024-06-11
CVE-2023-6745
The Custom Field Template plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cpt' shortcode in all versions up to, and including, 2.6.1 due to insufficient input sanitization and output escaping on user supplied post meta.
network
low complexity
6.4
6.4
2024-06-11
CVE-2023-6748
The Custom Field Template plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.1 via the 'cft' shortcode.
network
low complexity
4.3
4.3
«
Previous
1
2
...
380
381
382
(current)
383
384
...
11725
11726
»
Next