Latest CVE Feed
-
8.5
HIGHCVE-2024-7324
A vulnerability was found in IObit iTop Data Recovery Pro 4.4.0.687. It has been declared as critical. Affected by this vulnerability is an unknown functionality in the library madbasic_.bpl of the component BPL Handler. The manipulation leads to uncontro... Read more
Affected Products :- Published: Jul. 31, 2024
- Modified: Aug. 01, 2024
-
9.4
CRITICALCVE-2024-7205
When the device is shared, the homepage module are before 2.19.0 in eWeLink Cloud Service allows Secondary user to take over devices as primary user via sharing unnecessary device-sensitive information.... Read more
Affected Products : ewelink- Published: Jul. 31, 2024
- Modified: Jul. 31, 2024
-
7.2
HIGHCVE-2024-6770
The Lifetime free Drag & Drop Contact Form Builder for WordPress VForm plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.1.5 due to insufficient input sanitization and output escaping. This makes it ... Read more
Affected Products :- Published: Jul. 31, 2024
- Modified: Jul. 31, 2024
-
6.5
MEDIUMCVE-2024-7135
The Tainacan plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'get_file' function in all versions up to, and including, 0.21.7. The function is also vulnerable to directory traversal. This makes it... Read more
Affected Products : tainacan- Published: Jul. 31, 2024
- Modified: Jul. 31, 2024
-
5.3
MEDIUMCVE-2024-2508
The WP Mobile Menu plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_menu_item_icon function in all versions up to, and including, 2.8.4.4. This makes it possible for unauthenticated atta... Read more
Affected Products :- Published: Jul. 31, 2024
- Modified: Jul. 31, 2024