Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 3 [4] 5 6 7 8 9 10 11 12 13 14 ... Result(s) : 327067

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
6.5 2025-07-11 CVE-2025-4593 cve The WP Register Profile With Shortcode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'rp_user_dat...
6.4 2025-07-11 CVE-2025-5530 cve The WPC Smart Compare for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shortcode_btn' shortcode in all versions...
6.4 2025-07-11 CVE-2025-6068 cve The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-caption-ti...
5.3 2025-07-11 CVE-2025-6745 cve The WoodMart plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 8.2.5 via the woodmart_get_posts_by_query() function due to insuffi...
7.5 2025-07-11 CVE-2025-7442 cve The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to SQL Injection via several parameters in the MJ_gmgt_delete_class_limit_for_member, MJ_gmgt_get_...
N/A 2025-07-11 CVE-2025-6438 cve CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause manipulation of SOAP API calls and XML external entities injection resulting...
4.1 2025-07-11 CVE-2025-6838 cve The Broken Link Notifier plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.3.0 via broken links that are later exported. This makes it ...
7.2 2025-07-11 CVE-2025-6851 cve The Broken Link Notifier plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.3.0 via the ajax_blinks() function which ultim...
N/A 2025-07-11 CVE-2025-3933 cve A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically within the DonutProcessor class's `token2...
N/A 2025-07-11 CVE-2025-50121 cve CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause unauthenticated remote code ex...
N/A 2025-07-11 CVE-2025-50122 cve CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when the password generation algorithm is reverse engineered with access to installat...
N/A 2025-07-11 CVE-2025-50123 cve CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause remote command execution by a privileged account when the serve...
N/A 2025-07-11 CVE-2025-50124 cve CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation when the server is accessed by a privileged account via a console and through e...
N/A 2025-07-11 CVE-2025-50125 cve CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthenticated remote code execution when the server is accessed via the network with knowledg...
N/A 2025-07-11 CVE-2025-6788 cve CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that exposes TGML diagram resources to the wrong control sphere, providing other authenticated users with pote...
3.1 2025-07-11 CVE-2025-53861 cve A flaw was found in Ansible. Sensitive cookies without security flags over non-encrypted channels can lead to Man-in-the-Middle (MitM) and Cross-site scripting (XSS) attacks all...
3.5 2025-07-11 CVE-2025-53862 cve A flaw was found in Ansible. Three API endpoints are accessible and return verbose, unauthenticated responses. This flaw allows a malicious user to access data that may contain ...
9.8 2025-07-11 CVE-2025-7401 cve The Premium Age Verification / Restriction for WordPress plugin for WordPress is vulnerable to arbitrary file read and write due to the existence of an insufficiently protected ...
N/A 2025-07-11 CVE-2025-6200 cve The GeoDirectory WordPress plugin before 2.8.120 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is...
N/A 2025-07-11 CVE-2025-30026 cve The AXIS Camera Station Server had a flaw that allowed to bypass authentication that is normally required.
Page(s) : 1 2 3 [4] 5 6 7 8 9 10 11 12 13 14 ... Result(s) : 327067