Skip to main content
CVE-2023-5201 CRITICAL Act Now

The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection WordPress Openhook
NVD VulDB
CVSS 3.1
9.9
EPSS
7.0%
CVE-2023-5300 CRITICAL Act Now

A vulnerability classified as critical has been found in TTSPlanning up to 20230925. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Ttsplanning
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-5227 CRITICAL PATCH Act Now

Unrestricted Upload of File with Dangerous Type in GitHub repository thorsten/phpmyfaq prior to 3.1.8. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

File Upload Phpmyfaq
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy