How to verify CVE-2024-2235
Confirm whether your systems are actually affected — run the detection command below for a yes/no answer.
How to verify this vulnerability
Scanner data tells you how to confirm whether your systems are actually affected — not just that the CVE exists. Run a Nuclei template against your target for a yes/no answer in seconds.
nuclei -t CVE-2024-2235-himer-b3b23544-71de-4da8-9fd5-6d9ef995ad7b.yaml -u https://your-target -rl 50 -timeout 10Community template — download the YAML from GitHub first, then run the command against your own host.
- mediumCommunityhttpHimer <= 2.1.0 - Cross-Site Request Forgery to Poll Voting GitHub ↗
Find every CVE you can verify
Search the whole database by Nuclei coverage — filter by vendor, severity and KEV to build a verification list for your entire stack.
- Filter all CVEs that ship a Nuclei template
- Combine with vendor, severity & KEV
- Build a scan list across your stack
This template is on GitHub already — an account lets you search and filter every CVE that has one, not just this CVE.
Latest high-severity CVEs you can verify
Newest critical/high vulnerabilities that ship a Nuclei template.
- CVE-2025-69189WordPress JobBank plugin <= 1.2.3 - Broken Access Control vulnerability7.3◎ 1
- CVE-2024-32949WordPress Integrate Google Drive plugin <= 1.3.8 - Broken Access Control vulnerability8.3◎ 1
- CVE-2024-32729WordPress ChatBot Conversational Forms plugin <= 1.1.8 - Arbitrary File Download vulnerability7.5◎ 1
- CVE-2025-31013WordPress Themify Folo theme <= 1.9.6 - Reflected Cross Site Scripting (XSS) vulnerability7.1◎ 8
- CVE-2026-22343WordPress WordPress Dating Theme theme <= 11.2.0 - Broken Access Control vulnerability8.6◎ 1
- CVE-2026-22342WordPress WordPress Dating Theme theme <= 11.2.0 - Cross Site Request Forgery (CSRF) to Account Takeover vulnerability8.8◎ 1
- CVE-2026-22340WordPress WPJobster theme <= 6.3.5 - SQL Injection vulnerability9.3◎ 1
- CVE-2026-22339WordPress WPJobster theme <= 6.3.5 - Reflected Cross Site Scripting (XSS) vulnerability7.1◎ 1
Trending CVEs to verify now
What the security world is discussing right now — and can be checked with Nuclei.
- CVE-2026-20253↑ trendingUnauthenticated Arbitrary File Creation and Truncation in a PostgreSQL Sidecar Service Endpoint in Splunk EnterpriseKEV◎ 1
- CVE-2026-48907↑ trendingJoomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5KEV◎ 1
- CVE-2026-4020↑ trendingGravity SMTP <= 2.1.4 - Unauthenticated Sensitive Information Exposure via REST API◎ 1
- CVE-2026-39808↑ trendingA improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.8 may allow attacker to execute unauthorized co...◎ 1
- CVE-2026-35616↑ trendingA improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.KEV◎ 1
- CVE-2023-3519↑ trendingUnauthenticated remote code executionKEV◎ 1
- CVE-2025-24813↑ trendingApache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUTKEV◎ 1
- CVE-2025-5777↑ trendingNetScaler ADC and NetScaler Gateway - Insufficient input validation leading to memory overreadKEV◎ 1