Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-2087
The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form name values in all versions up to, and including, 2.4.43 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated malicious ...
NA
CVE-2024-4886
The contains an IDOR vulnerability that allows a user to comment on a private post by manipulating the ID included in the request
NA
CVE-2024-34055
Cyrus IMAP prior to 3.8.3 and 3.10.x prior to 3.10.0-rc1 allows authenticated malicious users to cause unbounded memory allocation by sending many LITERALs in a single command.
NA
CVE-2024-5149
The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up to, and including, 2.8.9 via the use of an insufficiently random activation code. This makes it possible for unauthenticated malicious users to bypass the email verification.
NA
CVE-2024-5262
Files or Directories Accessible to External Parties vulnerability in smb server in ProjectDiscovery Interactsh allows remote malicious users to read/write any files in the directory and subdirectories of where the victim runs interactsh-server via anonymous login.
NA
CVE-2024-5483
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.6.8 due to incorrect implementation of get_items_permissions_check function. This makes it possible for unauthenticated malic...
NA
CVE-2024-5317
The Newsletter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'np1' parameter in all versions up to, and including, 8.3.4 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated malicious users to...
NA
CVE-2024-5636
A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file report/index.php. The manipulation of the argument procduct leads to sql injection. The attack may be launc...
NA
CVE-2020-27355
Rejected reason: CVE ID was once reserved, but never used.
NA
CVE-2020-35153
Rejected reason: CVE ID was once reserved, but never used.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »