Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-37568
lepture Authlib prior to 1.3.1 has algorithm confusion with asymmetric public keys. Unless an algorithm is specified in a jwt.decode call, HMAC verification is allowed with any asymmetric public key. (This is similar to CVE-2022-29217 and CVE-2024-33663.)
NA
CVE-2024-5458
In PHP versions 8.1.* prior to 8.1.29, 8.2.* prior to 8.2.20, 8.3.* prior to 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user informatio...
NA
CVE-2024-5585
In PHP versions 8.1.* prior to 8.1.29, 8.2.* prior to 8.2.20, 8.3.* prior to 8.3.8, the fix for CVE-2024-1874 does not work if the command name includes trailing spaces. Original issue: when using proc_open() command with array syntax, due to insufficient escaping,...
NA
CVE-2024-31275
Missing Authorization vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n/a up to and including 3.3.4.
NA
CVE-2024-31276
Missing Authorization vulnerability in WPFactory Products, Order & Customers Export for WooCommerce.This issue affects Products, Order & Customers Export for WooCommerce: from n/a up to and including 2.0.8.
NA
CVE-2024-31283
Missing Authorization vulnerability in zorem Advanced Local Pickup for WooCommerce.This issue affects Advanced Local Pickup for WooCommerce: from n/a up to and including 1.6.2.
NA
CVE-2024-31284
Missing Authorization vulnerability in WPDeveloper EmbedPress.This issue affects EmbedPress: from n/a up to and including 3.9.8.
NA
CVE-2024-31304
Missing Authorization vulnerability in MultiVendorX WC Marketplace.This issue affects WC Marketplace: from n/a up to and including 4.1.3.
NA
CVE-2024-32081
Missing Authorization vulnerability in Websupporter Filter Custom Fields & Taxonomies Light.This issue affects Filter Custom Fields & Taxonomies Light: from n/a up to and including 1.05.
NA
CVE-2024-32705
Missing Authorization vulnerability in reputeinfosystems ARForms.This issue affects ARForms: from n/a up to and including 6.4.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »