Skip to main content
CVE-2021-39202 MEDIUM This Month

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS PHP
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
CVE-2021-39201 MEDIUM This Month

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS PHP Debian Linux
NVD GitHub
CVSS 3.1
5.4
EPSS
1.6%
CVE-2021-36871 MEDIUM This Month

Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in WordPress WP Google Maps Pro premium plugin (versions <= 8.1.11). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google WordPress XSS Wp Go Maps
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-36870 MEDIUM This Month

Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in WordPress WP Google Maps plugin (versions <= 8.1.12). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google WordPress XSS Wp Go Maps
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-39200 MEDIUM This Month

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. No vendor patch available.

WordPress PHP Information Disclosure Debian Linux
NVD GitHub
CVSS 3.1
5.3
EPSS
2.2%
CVE-2021-38725 MEDIUM PATCH This Month

Fuel CMS 1.5.0 has a brute force vulnerability in fuel/modules/fuel/controllers/Login.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP Information Disclosure Fuel Cms
NVD GitHub
CVSS 3.1
5.3
EPSS
0.9%
CVE-2021-34786 MEDIUM This Month

Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Broadworks Commpilot Application Software
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2021-22239 MEDIUM This Month

An unauthorized user was able to insert metadata when creating new issue on GitLab CE/EE 14.0 and later. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2021-25463 LOW Monitor

Improper access control vulnerability in PENUP prior to version 3.8.00.18 allows arbitrary webpage loading in webview. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Penup
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2021-25457 LOW Monitor

An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows local attackers to get a limited kernel memory information. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2021-25455 LOW Monitor

OOB read vulnerability in libsaviextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to access arbitrary address through pointer via forged avi file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2021-25451 LOW Monitor

A PendingIntent hijacking in NetworkPolicyManagerService prior to SMR Sep-2021 Release 1 allows attackers to get IMSI data. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Android
NVD
CVSS 3.1
3.3
EPSS
0.2%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy