Homepage
About Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

APPLICATION

Expand this section

OPERATING SYSTEM

Report a new vulnerability
VULNERABILITY AFFECTS TYPE PUBLISHED
  • L
Directory Traversal 		johnpbloch/wordpress-core >=4.1.0, <4.1.41 >=4.2.0, <4.2.38 >=4.3.0, <4.3.34 >=4.4.0, <4.4.33 >=4.5.0, <4.5.32 >=4.6.0, <4.6.29 >=4.7.0, <4.7.29 >=4.8.0, <4.8.25 >=4.9.0, <4.9.26 >=5.0.0, <5.0.22 >=5.1.0, <5.1.19 >=5.2.0, <5.2.21 >=5.3.0, <5.3.18 >=5.4.0, <5.4.16 >=5.5.0, <5.5.15 >=5.6.0, <5.6.14 >=5.7.0, <5.7.12 >=5.8.0, <5.8.10 >=5.9.0, <5.9.10 >=6.0.0, <6.0.9 >=6.1.0, <6.1.7 >=6.2.0, <6.2.6 >=6.3.0, <6.3.5 >=6.4.0, <6.4.4 >=6.5.0, <6.5.6 Composer 27 Jun 2024
  • M
Cross-site Scripting (XSS) 		johnpbloch/wordpress-core >=5.9.0, <5.9.10 >=6.0.0, <6.0.9 >=6.1.0, <6.1.7 >=6.2.0, <6.2.6 >=6.3.0, <6.3.5 >=6.4.0, <6.4.5 >=6.5.0, <6.5.5 Composer 27 Jun 2024
  • M
Cross-site Scripting (XSS) 		johnpbloch/wordpress >=5.9.0, <5.9.10 >=6.0.0, <6.0.9 >=6.1.0, <6.1.7 >=6.2.0, <6.2.6 >=6.3.0, <6.3.5 >=6.4.0, <6.4.5 >=6.5.0, <6.5.5 Composer 27 Jun 2024
  • M
Cross-site Scripting (XSS) 		johnpbloch/wordpress-core >=5.9.0, <5.9.10 >=6.0.0, <6.0.9 >=6.1.0, <6.1.7 >=6.2.0, <6.2.6 >=6.3.0, <6.3.5 >=6.4.0, <6.4.5 >=6.5.0, <6.5.5 Composer 27 Jun 2024
  • M
Debug Messages Revealing Unnecessary Information 		aimeos/ai-client-html >=2021.10.1, <2021.10.22 >=2022.4.1, <2022.10.13 >=2023.4.1, <2023.10.15 >=2024.4.1, <2024.4.7 Composer 26 Jun 2024
  • M
Cross-site Scripting (XSS) 		anchorcms/anchor-cms >=0.0.0 Composer 25 Jun 2024
  • M
Resource Exhaustion 		vrana/adminer <4.8.4 Composer 25 Jun 2024
  • M
Server-Side Request Forgery (SSRF) 		vrana/adminer <4.8.4 Composer 25 Jun 2024
  • M
Cross-site Scripting (XSS) 		tinymce/tinymce <6.8.4 >=7.0.0, <7.2.0 Composer 25 Jun 2024
  • C
Directory Traversal 		vrana/adminer <4.8.3 Composer 23 Jun 2024
  • M
SQL Injection 		jweiland/events2 <8.3.8 >=9.0.0, <9.0.6 Composer 21 Jun 2024
  • M
Use of Cache Containing Sensitive Information 		jweiland/events2 <8.3.8 >=9.0.0, <9.0.6 Composer 21 Jun 2024
  • M
Improper Access Control 		jweiland/events2 <8.3.8 >=9.0.0, <9.0.6 Composer 21 Jun 2024
  • M
Cross-site Scripting (XSS) 		moodle/moodle >=0.0.0 Composer 21 Jun 2024
  • M
Access Control Bypass 		studiomitte/friendlycaptcha <0.1.4 Composer 21 Jun 2024
  • M
Observable Response Discrepancy 		nasirkhan/laravel-starter >=0.0.0 Composer 21 Jun 2024
  • H
Arbitrary File Creation 		opencart/opencart >=4.0.0.0 Composer 21 Jun 2024
  • H
Arbitrary File Write via Archive Extraction (Zip Slip) 		opencart/opencart >=4.0.0.0 Composer 21 Jun 2024
  • L
Reflected Cross-site Scripting 		opencart/opencart >=4.0.0.0 Composer 21 Jun 2024
  • L
Reflected Cross-site Scripting 		opencart/opencart >=4.0.0.0 Composer 21 Jun 2024
  • L
Reflected Cross-site Scripting 		opencart/opencart >=4.0.0.0 Composer 21 Jun 2024
  • H
SQL Injection 		opencart/opencart <3.0.4.0 Composer 21 Jun 2024
  • M
Improper Access Control 		moodle/moodle <4.1.11 >=4.2.0, <4.2.8 >=4.3.0, <4.3.5 >=4.4.0, <4.4.1 Composer 20 Jun 2024
  • M
Cross-Site Request Forgery (CSRF) 		moodle/moodle <4.1.11 >=4.2.0, <4.2.8 >=4.3.0, <4.3.5 >=4.4.0, <4.4.1 Composer 20 Jun 2024
  • M
Use of a Key Past its Expiration Date 		moodle/moodle <4.1.11 >=4.2.0, <4.2.8 >=4.3.0, <4.3.5 >=4.4.0, <4.4.1 Composer 20 Jun 2024
  • M
Cross-site Scripting (XSS) 		moodle/moodle <4.1.11 >=4.2.0, <4.2.8 >=4.3.0, <4.3.5 >=4.4.0, <4.4.1 Composer 20 Jun 2024
  • M
Improper Authorization 		moodle/moodle <4.1.11 >=4.2.0, <4.2.8 >=4.3.0, <4.3.5 >=4.4.0, <4.4.1 Composer 20 Jun 2024
  • M
Cross-site Scripting (XSS) 		tinymce/tinymce <6.8.4 >=7.0.0, <7.2.0 Composer 20 Jun 2024
  • M
Reliance on a Single Factor in a Security Decision 		grumpydictator/firefly-iii <6.1.17 Composer 19 Jun 2024
  • H
SQL Injection 		dolibarr/dolibarr <19.0.2 Composer 19 Jun 2024