CVE-2024-10899 (v3: 7.3) 20 Nov 2024

The The WooCommerce Product Table Lite plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.6... Read more ➔

CVE-2024-11038 (v3: 7.3) 19 Nov 2024

The The WPB Popup for Contact Form 7 – Showing The Contact Form 7 Popup on Button Click – CF7 Popup plugin for WordPress is vulnerable to arbitrary sh... Read more ➔

CVE-2024-11036 (v3: 7.3) 19 Nov 2024

The The GamiPress – The #1 gamification plugin to reward points, achievements, badges & ranks in WordPress plugin for WordPress is vulnerable to a... Read more ➔

CVE-2024-52434 (v3: 9.1) 18 Nov 2024

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic Popup by Supsystic allows Command Injection.This issu... Read more ➔

CVE-2024-52427 (v3: 8.8) 18 Nov 2024

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso Nikolov Event Tickets with Ticket Scanner allows Server Si... Read more ➔

CVE-2024-47208 18 Nov 2024

Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz. This issue affects Apach... Read more ➔

CVE-2024-9839 (v3: 7.3) 16 Nov 2024

The The Uix Slideshow plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.6.5. This is due to... Read more ➔

CVE-2024-10262 (v3: 6.3) 16 Nov 2024

The The Drop Shadow Boxes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.7.14. This is du... Read more ➔

CVE-2024-49362 14 Nov 2024

Joplin is a free, open source note taking and to-do application. Joplin-desktop has a vulnerability that leads to remote code execution (RCE) when a u... Read more ➔

CVE-2024-49048 (v3: 8.1) 12 Nov 2024

TorchGeo Remote Code Execution Vulnerability Read more ➔

CVE-2024-10958 (v3: 7.3) 10 Nov 2024

The The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution via getshortcodedrenderedfenodelay AJAX action in all... Read more ➔

CVE-2024-10640 (v3: 7.3) 9 Nov 2024

The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to... Read more ➔

CVE-2024-10261 (v3: 7.3) 9 Nov 2024

The The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to arb... Read more ➔

CVE-2024-10263 (v3: 7.3) 5 Nov 2024

The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.5.... Read more ➔

CVE-2024-10035 4 Nov 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics Security Technologies CoslatV3 allows Command Injection.... Read more ➔

CVE-2024-9846 (v3: 7.3) 30 Oct 2024

The The Enable Shortcodes inside Widgets,Comments and Experts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up t... Read more ➔

CVE-2024-10505 30 Oct 2024

A vulnerability was found in wuzhicms 4.1.0. It has been classified as critical. Affected is the function add/edit of the file www/coreframe/app/conte... Read more ➔

CVE-2024-50498 28 Oct 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in LUBUS WP Query Console allows Code Injection.This issue affects WP Query Co... Read more ➔

CVE-2024-50492 28 Oct 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson ScottCart allows Code Injection.This issue affects ScottCart... Read more ➔

CVE-2024-50450 28 Oct 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Code Inj... Read more ➔

CVE-2024-9162 (v3: 7.2) 28 Oct 2024

The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during t... Read more ➔

CVE-2024-9593 (v3: 8.3) 18 Oct 2024

The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 (for Tim... Read more ➔

CVE-2024-10073 17 Oct 2024

A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected is the function ClusteringModel of the file flair\mode... Read more ➔

CVE-2024-45766 17 Oct 2024

Dell OpenManage Enterprise, version(s) OME 4.1 and prior, contain(s) an Improper Control of Generation of Code ('Code Injection') vulnerability. A low... Read more ➔

CVE-2024-49254 16 Oct 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in Sunjianle allows Code Injection.This issue affects ajax-extend: from n/a th... Read more ➔

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Key Capabilities

Threat Intelligence