Skip to main content
CVE-2024-9942 CRITICAL Act Now

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the MJ_gmgt_user_avatar_image_upload() function in all. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE WordPress File Upload Wordpress Gym Management System
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2024-9659 CRITICAL Act Now

The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the mj_smgt_user_avatar_image_upload() function in all. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE WordPress File Upload School Management System
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2024-9511 CRITICAL Act Now

The FluentSMTP - WP SMTP Plugin with Amazon SES, SendGrid, MailGun, Postmark, Google and Any SMTP Provider plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Deserialization WordPress PHP Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2024-10961 CRITICAL Act Now

The Social Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.9.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2024-0138 CRITICAL Act Now

NVIDIA Base Command Manager contains a missing authentication vulnerability in the CMDaemon component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Information Disclosure Denial Of Service Nvidia
NVD
CVSS 3.1
9.8
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy