| Page(s) : 1 ... 25 26 27 28 29 30 31 32 33 34 [35] 36 37 38 39 40 41 42 43 44 45 ... | Result(s) : 326177 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 8.8 | 2025-07-02 | CVE-2025-3848 | cve | The Download Manager and Payment Form WordPress Plugin – WP SmartPay plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 1.1.0 to 2.7.13.... |
| 8.1 | 2025-07-02 | CVE-2025-4380 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.89 via the &#... |
| 7.5 | 2025-07-02 | CVE-2025-4381 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to SQL Injection via the ‘$id’ variable of the getSpace() function in all ver... |
| 3.7 | 2025-07-02 | CVE-2025-4654 | cve | The Soumettre.fr plugin for WordPress is vulnerable to unauthorized access and modification of data due to a improper authorization checks on the make_signature function in all ... |
| 9.8 | 2025-07-02 | CVE-2025-4689 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Local File Inclusion which leads to Remote Code Execution in all versions ... |
| N/A | 2025-07-02 | CVE-2025-52925 | cve | In One Identity OneLogin Active Directory Connector before 6.1.5, encryption of the DirectoryToken was mishandled, aka ST-812. |
| 8.8 | 2025-07-02 | CVE-2025-5014 | cve | The Home Villas | Real Estate WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'wp_rem_cs_widget... |
| 7.5 | 2025-07-02 | CVE-2025-5339 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘bsa_pro_id’ parameter in all versions up... |
| 9.8 | 2025-07-02 | CVE-2025-5746 | cve | The Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the dnd_upload_cf7... |
| 7.2 | 2025-07-02 | CVE-2025-5817 | cve | The Amazon Products to WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.7 via the wcta2w_get_urls(). This ... |
| 7.5 | 2025-07-02 | CVE-2025-6437 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to SQL Injection via the ‘oid’ parameter in all versions up to, and including... |
| 8.8 | 2025-07-02 | CVE-2025-6459 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.89. Thi... |
| 6.4 | 2025-07-02 | CVE-2025-6686 | cve | The Magic Buttons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's magic-button shortcode in all versions up to, and includi... |
| 6.4 | 2025-07-02 | CVE-2025-6687 | cve | The Magic Buttons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's magic-button shortcode in all versions up to, and includi... |
| N/A | 2025-07-01 | CVE-2025-49741 | cve | No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. |
| N/A | 2025-07-01 | CVE-2025-34080 | cve | The Contec Co.,Ltd. CONPROSYS HMI System (CHS) is vulnerable to Cross-Site Scripting (XSS) in the getqsetting.php functionality that could allow reflected execution of scripts i... |
| N/A | 2025-07-01 | CVE-2025-34081 | cve | The Contec Co.,Ltd. CONPROSYS HMI System (CHS) exposes a PHP phpinfo() debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affe... |
| N/A | 2025-07-01 | CVE-2025-37099 | cve | A remote code execution vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646. |
| N/A | 2025-07-01 | CVE-2025-45080 | cve | YONO SBI: Banking & Lifestyle v1.23.36 was discovered to use unencrypted communicatons, possibly allowing attackers to execute a man-in-the-middle attack. |
| N/A | 2025-07-01 | CVE-2025-45081 | cve | Misconfigured settings in IITB SSO v1.1.0 allow attackers to access sensitive application data. |
| Page(s) : 1 ... 25 26 27 28 29 30 31 32 33 34 [35] 36 37 38 39 40 41 42 43 44 45 ... | Result(s) : 326177 |
