Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4656
The Import and export users and customers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user agent header in all versions up to, and including, 1.26.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...
NA
CVE-2024-4618
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Team Member widget in all versions up to, and including, 2.6.9.6 due to insufficient input sanitization and output escaping on user supplied 'url' attribute. Thi...
NA
CVE-2024-35108
idccms v1.35 exists to contain a Cross-Site Request Forgery (CSRF) via the component /admin/homePro_deal.php?mudi=del&dataType=&dataTypeCN.
NA
CVE-2024-3744
A security issue exists in azure-file-csi-driver where an actor with access to the driver logs could observe service account tokens. These tokens could then potentially be exchanged with external cloud providers to access secrets stored in cloud vault solutions. Tokens are only l...
NA
CVE-2024-4363
The Visual Portfolio, Photo Gallery & Post Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title_tag’ parameter in all versions up to, and including, 3.3.2 due to insufficient input sanitization and output escaping. This makes it po...
NA
CVE-2024-4370
The WPZOOM Addons for Elementor (Templates, Widgets) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget Image Box in all versions up to, and including, 1.1.36 due to insufficient input sanitization and output escaping on user supplied a...
NA
CVE-2024-0437
The Password Protected – Ultimate Plugin to Password Protect Your WordPress Content with Ease plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.6 via the API. This makes it possible for authenticated attackers, wi...
NA
CVE-2024-22476
Microsoft fixes a bug abused in QakBot attacks plus a second under exploit
1 Article
NA
CVE-2024-21792
Microsoft fixes a bug abused in QakBot attacks plus a second under exploit
1 Article
NA
CVE-2024-21823
Description<!---->This CVE is under investigation by Red Hat Product Security.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »