Skip to main content
CVE-2023-48017 HIGH POC This Week

Dreamer_cms 4.1.3 is vulnerable to Cross Site Request Forgery (CSRF) via Add permissions to CSRF in Permission Management. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Dreamer Cms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-46402 HIGH POC This Week

git-urls 1.0.0 allows ReDOS (Regular Expression Denial of Service) in urls.go. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Git Urls
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-6187 HIGH PATCH Act Now

The Paid Memberships Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'pmpro_paypalexpress_session_vars_for_user_fields' function in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Epss exploitation probability 19.7%.

WordPress File Upload RCE Paid Memberships Pro
NVD VulDB
CVSS 3.1
7.5
EPSS
19.7%
CVE-2023-47667 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Mammothology WP Full Stripe Free.0.16. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Wp Full Stripe Free
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2023-4214 HIGH PATCH This Week

The AppPresser plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 4.2.5. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass WordPress Apppresser
NVD VulDB
CVSS 3.1
8.1
EPSS
0.3%
CVE-2023-38361 HIGH PATCH This Week

IBM CICS TX Advanced 10.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure IBM Cics Tx
NVD
CVSS 3.1
7.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy