Skip to main content
CVE-2021-24451 HIGH POC This Week

The Export Users With Meta WordPress plugin before 0.6.5 did not escape the list of roles to export before using them in a SQL statement in the export functionality, available to admins, leading to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi Export Users With Meta
NVD WPScan
CVSS 3.1
7.2
EPSS
1.4%
CVE-2021-22229 HIGH This Week

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Gitlab Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-32740 HIGH PATCH This Week

Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Addressable Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
2.2%
CVE-2021-24005 HIGH This Week

Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in FortiAuthenticator versions before 6.3.0 may allow an attacker with access to the files or the CLI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Authentication Bypass Fortiauthenticator
NVD
CVSS 3.1
7.5
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy