Skip to main content
CVE-2019-12780 CRITICAL POC THREAT Emergency

The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API via the SmartDevURL argument to the SetSmartDevInfo action. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Crock Pot Smart Slow Cooker With Wemo Firmware
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
72.0%
CVE-2019-9879 CRITICAL POC THREAT Act Now

The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass WordPress Wpgraphql
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
46.6%
CVE-2019-9880 CRITICAL POC THREAT Act Now

An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass WordPress Wpgraphql
NVD GitHub Exploit-DB
CVSS 3.0
9.1
EPSS
34.8%
CVE-2019-11027 CRITICAL PATCH Act Now

Ruby OpenID (aka ruby-openid) through 2.8.0 has a remotely exploitable flaw. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ruby Openid
NVD GitHub
CVSS 3.0
9.8
EPSS
3.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy