Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-5410
CyberDanube Security Research 20240528-0 | Multiple Vulnerabilities in ORing IAP-420
NA
CVE-2024-5411
CyberDanube Security Research 20240528-0 | Multiple Vulnerabilities in ORing IAP-420
NA
CVE-2024-3269
The Download Monitor plugin for WordPress is vulnerable to unauthorized access to functionality due to a missing capability check on the dlm_uninstall_plugin function in all versions up to, and including, 4.9.13. This makes it possible for authenticated malicious users to uninsta...
NA
CVE-2024-3063
The WPB Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the output of 'tags' added to widgets in all versions up to, and including, 1.0.9 due to insufficient input sanitization and output escaping on user supplied tag attributes. T...
NA
CVE-2024-5223
The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's file uploading feature in all versions up to, and including, 4.1.1 due to insufficient input sanitization and output esca...
NA
CVE-2024-2253
The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via URL values the plugin's carousel widgets in all versions up to, and including, 10.2.1 due to insufficient input sanitization and output escaping on user supplied attr...
NA
CVE-2024-3190
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's text field widget in all versions up to, and including, 1.5.107 due to insufficient input sanitization and output escapin...
NA
CVE-2024-35469
CVE-2024-35469 Submitter: Kha Do Human Resource Management System 1.0 Vulnerability SQL injection Description SQL injection vulnerability in /hrm/user/ in SourceCodester Human Resource Management System 1.0 allow attackers to execute arbitrary SQL commands via the password parame...
1 Github repository
NA
CVE-2024-35468
CVE-2024-35468 Submitter: Kha Do Human Resource Management System 1.0 Vulnerability SQL injection Description SQL injection vulnerability in /hrm/index.php in SourceCodester Human Resource Management System 1.0 allow attackers to execute arbitrary SQL commands via the password pa...
1 Github repository
NA
CVE-2024-5514
MinMax CMS from MinMax Digital Technology contains a hidden administrator account with a fixed password that cannot be removed or disabled from the management interface. Remote attackers who obtain this account can bypass IP access control restrictions and log in to the back...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4956
validation
CVE-2024-35221
remote attackers
CVE-2023-30309
CVE-2024-36112
CVE-2024-23109
CVE-2023-43850
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »