Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
super vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-35882
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Team Heateor Super Socializer plugin <= 7.13.52 versions.
Heateor Super Socializer
383
VMScore
CVE-2021-24987
The Social Share, Social Login and Social Comments Plugin WordPress plugin prior to 7.13.30 does not sanitise and escape the urls parameter in its the_champ_sharing_count AJAX action (available to both unauthenticated and authenticated users) before outputting it back in the resp...
Heateor Super Socializer
NA
CVE-2023-5613
The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tpsscode' shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...
Themepoints Super Testimonials
801
VMScore
CVE-2021-24209
The WP Super Cache WordPress plugin prior to 1.7.2 was affected by an authenticated (admin+) RCE in the settings page due to input validation failure and weak $cache_path check in the WP Super Cache Settings -> Cache Location option. Direct access to the wp-cache-config.php fi...
Automattic Wp Super Cache
NA
CVE-2023-47354
An issue in the PowerOffWidgetReceiver function of Super Reboot (Root) Recovery v1.0.3 allows malicious users to arbitrarily reset or power off the device via a crafted intent
Binhdrm26 Super Reboot 1.0.3
392
VMScore
CVE-2011-2776
Buffer overflow in the Error function in super.c in Super 3.30.0 might allow local users to execute arbitrary code via vectors related to syslog logging. NOTE: some of these details are obtained from third party information.
Robert Luberda Super 3.30.0
NA
CVE-2023-47889
The Android application BINHDRM26 com.bdrm.superreboot 1.0.3, exposes several critical actions through its exported broadcast receivers. These exposed actions can allow any app on the device to send unauthorized broadcasts, leading to unintended consequences. The vulnerability is...
Binhdrm26 Super Reboot 1.0.3
NA
CVE-2023-5054
The Super Store Finder plugin for WordPress is vulnerable to unauthenticated arbitrary email creation and relay in versions up to, and including, 6.9.3. This is due to insufficient restrictions on the sendMail.php file that allows direct access. This makes it possible for unauthe...
Superstorefinder Super Store Finder
605
VMScore
CVE-2013-2011
WordPress W3 Super Cache Plugin prior to 1.3.2 contains a PHP code-execution vulnerability which could allow remote malicious users to inject arbitrary code. This issue exists because of an incomplete fix for CVE-2013-2009.
Automattic W3 Super Cache
NA
CVE-2023-27417
Cross-Site Request Forgery (CSRF) vulnerability in Timo Reith Affiliate Super Assistent plugin <= 1.5.1 versions.
Ifeelweb Affiliate Super Assistent
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »