cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-35770,https://securityvulnerability.io/vulnerability/CVE-2024-35770,CSRF Vulnerability in Vimeography: Vimeo Video Gallery WordPress Plugin,"A Cross-Site Request Forgery (CSRF) vulnerability exists in the Vimeography: Vimeo Video Gallery WordPress Plugin, allowing attackers to perform unauthorized actions on behalf of authenticated users. This vulnerability affects versions of the plugin up to 2.4.1, highlighting the need for users to implement security measures and apply updates to mitigate potential threats.",Wordpress,Vimeography: Vimeo Video Gallery WordPress Plugin,8.8,HIGH,0.0005799999926239252,false,,false,false,false,,false,false,2024-06-21T13:10:23.729Z,0
CVE-2024-0825,https://securityvulnerability.io/vulnerability/CVE-2024-0825,Vimeography Plugin Vulnerable to PHP Object Injection,"The Vimeography: Vimeo Video Gallery WordPress Plugin is susceptible to a PHP Object Injection flaw due to untrusted input deserialization within the duplicate_gallery function. This vulnerability affects all versions up to and including 2.3.2, allowing authenticated attackers with contributor privileges or higher to potentially manipulate PHP Objects. Although a Proof of Concept (POP) chain is absent from the vulnerable plugin, if additional plugins or themes that facilitate this vulnerability are present in the WordPress environment, attackers could exploit it to delete files, access sensitive information, or execute arbitrary code.",Wordpress,Vimeography: Vimeo Video Gallery WordPress Plugin,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,2024-03-05T01:56:02.076Z,0