| Page(s) : 1 2 3 [4] 5 6 7 8 9 10 11 12 13 14 ... | Result(s) : 327067 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.5 | 2025-07-11 | CVE-2025-4593 | cve | The WP Register Profile With Shortcode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'rp_user_dat... |
| 6.4 | 2025-07-11 | CVE-2025-5530 | cve | The WPC Smart Compare for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'shortcode_btn' shortcode in all versions... |
| 6.4 | 2025-07-11 | CVE-2025-6068 | cve | The FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-caption-ti... |
| 5.3 | 2025-07-11 | CVE-2025-6745 | cve | The WoodMart plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 8.2.5 via the woodmart_get_posts_by_query() function due to insuffi... |
| 7.5 | 2025-07-11 | CVE-2025-7442 | cve | The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to SQL Injection via several parameters in the MJ_gmgt_delete_class_limit_for_member, MJ_gmgt_get_... |
| N/A | 2025-07-11 | CVE-2025-6438 | cve | CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could cause manipulation of SOAP API calls and XML external entities injection resulting... |
| 4.1 | 2025-07-11 | CVE-2025-6838 | cve | The Broken Link Notifier plugin for WordPress is vulnerable to CSV Injection in all versions up to, and including, 1.3.0 via broken links that are later exported. This makes it ... |
| 7.2 | 2025-07-11 | CVE-2025-6851 | cve | The Broken Link Notifier plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.3.0 via the ajax_blinks() function which ultim... |
| N/A | 2025-07-11 | CVE-2025-3933 | cve | A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically within the DonutProcessor class's `token2... |
| N/A | 2025-07-11 | CVE-2025-50121 | cve | CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability exists that could cause unauthenticated remote code ex... |
| N/A | 2025-07-11 | CVE-2025-50122 | cve | CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when the password generation algorithm is reverse engineered with access to installat... |
| N/A | 2025-07-11 | CVE-2025-50123 | cve | CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could cause remote command execution by a privileged account when the serve... |
| N/A | 2025-07-11 | CVE-2025-50124 | cve | CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation when the server is accessed by a privileged account via a console and through e... |
| N/A | 2025-07-11 | CVE-2025-50125 | cve | CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthenticated remote code execution when the server is accessed via the network with knowledg... |
| N/A | 2025-07-11 | CVE-2025-6788 | cve | CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists that exposes TGML diagram resources to the wrong control sphere, providing other authenticated users with pote... |
| 3.1 | 2025-07-11 | CVE-2025-53861 | cve | A flaw was found in Ansible. Sensitive cookies without security flags over non-encrypted channels can lead to Man-in-the-Middle (MitM) and Cross-site scripting (XSS) attacks all... |
| 3.5 | 2025-07-11 | CVE-2025-53862 | cve | A flaw was found in Ansible. Three API endpoints are accessible and return verbose, unauthenticated responses. This flaw allows a malicious user to access data that may contain ... |
| 9.8 | 2025-07-11 | CVE-2025-7401 | cve | The Premium Age Verification / Restriction for WordPress plugin for WordPress is vulnerable to arbitrary file read and write due to the existence of an insufficiently protected ... |
| N/A | 2025-07-11 | CVE-2025-6200 | cve | The GeoDirectory WordPress plugin before 2.8.120 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is... |
| N/A | 2025-07-11 | CVE-2025-30026 | cve | The AXIS Camera Station Server had a flaw that allowed to bypass authentication that is normally required. |
| Page(s) : 1 2 3 [4] 5 6 7 8 9 10 11 12 13 14 ... | Result(s) : 327067 |
