Page(s) : 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 ... | Result(s) : 325720 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
N/A | 2025-07-02 | CVE-2025-36630 | cve | In Tenable Nessus versions prior to 10.8.5 on a Windows host, it was found that a non-administrative user could overwrite arbitrary local system files with log content at SYSTEM... |
8.8 | 2025-07-02 | CVE-2025-5692 | cve | The Lead Form Data Collection to CRM plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability ch... |
6.1 | 2025-07-02 | CVE-2024-11405 | cve | The WP Front-end login and register plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the email and wpmp_reset_password_token parameters in all versions u... |
8.8 | 2025-07-02 | CVE-2025-3848 | cve | The Download Manager and Payment Form WordPress Plugin – WP SmartPay plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 1.1.0 to 2.7.13.... |
8.1 | 2025-07-02 | CVE-2025-4380 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.89 via the ... |
7.5 | 2025-07-02 | CVE-2025-4381 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to SQL Injection via the ‘$id’ variable of the getSpace() function in all ver... |
3.7 | 2025-07-02 | CVE-2025-4654 | cve | The Soumettre.fr plugin for WordPress is vulnerable to unauthorized access and modification of data due to a improper authorization checks on the make_signature function in all ... |
9.8 | 2025-07-02 | CVE-2025-4689 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Local File Inclusion which leads to Remote Code Execution in all versions ... |
N/A | 2025-07-02 | CVE-2025-52925 | cve | In One Identity OneLogin Active Directory Connector before 6.1.5, encryption of the DirectoryToken was mishandled, aka ST-812. |
8.8 | 2025-07-02 | CVE-2025-5014 | cve | The Home Villas | Real Estate WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'wp_rem_cs_widget... |
7.5 | 2025-07-02 | CVE-2025-5339 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘bsa_pro_id’ parameter in all versions up... |
9.8 | 2025-07-02 | CVE-2025-5746 | cve | The Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the dnd_upload_cf7... |
7.2 | 2025-07-02 | CVE-2025-5817 | cve | The Amazon Products to WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.7 via the wcta2w_get_urls(). This ... |
7.5 | 2025-07-02 | CVE-2025-6437 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to SQL Injection via the ‘oid’ parameter in all versions up to, and including... |
8.8 | 2025-07-02 | CVE-2025-6459 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.89. Thi... |
6.4 | 2025-07-02 | CVE-2025-6686 | cve | The Magic Buttons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's magic-button shortcode in all versions up to, and includi... |
6.4 | 2025-07-02 | CVE-2025-6687 | cve | The Magic Buttons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's magic-button shortcode in all versions up to, and includi... |
N/A | 2025-07-01 | CVE-2025-49741 | cve | No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. |
N/A | 2025-07-01 | CVE-2025-34080 | cve | The Contec Co.,Ltd. CONPROSYS HMI System (CHS) is vulnerable to Cross-Site Scripting (XSS) in the getqsetting.php functionality that could allow reflected execution of scripts i... |
N/A | 2025-07-01 | CVE-2025-34081 | cve | The Contec Co.,Ltd. CONPROSYS HMI System (CHS) exposes a PHP phpinfo() debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affe... |
Page(s) : 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 ... | Result(s) : 325720 |