| Page(s) : 1 ... 15 16 17 18 19 20 21 22 23 24 [25] 26 27 28 29 30 31 32 33 34 35 ... | Result(s) : 325482 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-06-27 | CVE-2025-5035 | cve | The Firelight Lightbox WordPress plugin before 2.3.16 does not sanitise and escape title attributes before outputting them in the page, which could allow users with a role as lo... |
| N/A | 2025-06-27 | CVE-2025-5093 | cve | The Responsive Lightbox & Gallery WordPress plugin before 2.5.2 use the Swipebox library which does not validate and escape title attributes before outputting them back in a pag... |
| N/A | 2025-06-27 | CVE-2025-5194 | cve | The WP Map Block WordPress plugin before 2.0.3 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which... |
| N/A | 2025-06-27 | CVE-2025-5526 | cve | The BuddyPress Docs WordPress plugin before 2.2.5 lacks proper access controls and allows a logged in user to view and download files belonging to another user |
| 6.4 | 2025-06-27 | CVE-2025-4587 | cve | The A/B Testing for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ab-testing-for-wp/ab-test-block' block in all ve... |
| N/A | 2025-06-27 | CVE-2025-5306 | cve | Improper Neutralization of Special Elements in the Netflow directory field may allow OS command injection. This issue affects Pandora FMS 774 through 778 |
| 4.3 | 2025-06-27 | CVE-2025-5936 | cve | The VR Calendar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.4.7. This is due to missing or incorrect nonce validatio... |
| 6.4 | 2025-06-27 | CVE-2025-5940 | cve | The Osom Blocks – Custom Post Type listing block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class_name’ parameter in all versions up to, and incl... |
| 6.4 | 2025-06-27 | CVE-2025-6550 | cve | The The Pack Elementor addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘slider_options’ parameter in all versions up to, and including, 2.1.3 due... |
| 9.8 | 2025-06-27 | CVE-2025-6688 | cve | The Simple Payment plugin for WordPress is vulnerable to Authentication Bypass in versions 1.3.6 to 2.3.8. This is due to the plugin not properly verifying a user's identit... |
| 6.4 | 2025-06-27 | CVE-2025-6689 | cve | The FL3R Accessibility Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's fl3raccessibilitysuite shortcode in all versions up to, and ... |
| 9.8 | 2025-06-27 | CVE-2024-12827 | cve | The DWT - Directory & Listing WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.3.6. This is... |
| 7.2 | 2025-06-27 | CVE-2025-2940 | cve | The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.18 via the args[url] param... |
| 6.3 | 2025-06-27 | CVE-2025-6735 | cve | A vulnerability classified as critical has been found in juzaweb CMS 3.4.2. Affected is an unknown function of the file /admin-cp/imports of the component Import Page. The manip... |
| 6.3 | 2025-06-27 | CVE-2025-6736 | cve | A vulnerability classified as critical was found in juzaweb CMS 3.4.2. Affected by this vulnerability is an unknown functionality of the file /admin-cp/theme/install of the comp... |
| 6.3 | 2025-06-27 | CVE-2025-6738 | cve | A vulnerability, which was classified as critical, has been found in huija bicycleSharingServer up to 7b8a3ba48ad618604abd4797d2e7cf3b5ac7625a. Affected by this issue is the fun... |
| N/A | 2025-06-27 | CVE-2025-47818 | cve | Flock Safety Gunshot Detection devices before 1.3 have a hard-coded password for a connection. |
| N/A | 2025-06-27 | CVE-2025-47819 | cve | Flock Safety Gunshot Detection devices before 1.3 have an on-chip debug interface with improper access control. |
| N/A | 2025-06-27 | CVE-2025-47820 | cve | Flock Safety Gunshot Detection devices before 1.3 have cleartext storage of code. |
| 2.1 | 2025-06-27 | CVE-2025-6748 | cve | A vulnerability classified as problematic has been found in Bharti Airtel Thanks App 4.105.4 on Android. Affected is an unknown function of the file /Android/data/com.myairtelap... |
| Page(s) : 1 ... 15 16 17 18 19 20 21 22 23 24 [25] 26 27 28 29 30 31 32 33 34 35 ... | Result(s) : 325482 |
