| Page(s) : 1 2 3 4 [5] 6 7 8 9 10 11 12 13 14 15 ... | Result(s) : 300103 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2025-07-02 | CVE-2025-4689 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Local File Inclusion which leads to Remote Code Execution in all versions ... |
| N/A | 2025-07-02 | CVE-2025-52925 | cve | In One Identity OneLogin Active Directory Connector before 6.1.5, encryption of the DirectoryToken was mishandled, aka ST-812. |
| 8.8 | 2025-07-02 | CVE-2025-5014 | cve | The Home Villas | Real Estate WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'wp_rem_cs_widget... |
| 7.5 | 2025-07-02 | CVE-2025-5339 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘bsa_pro_id’ parameter in all versions up... |
| 9.8 | 2025-07-02 | CVE-2025-5746 | cve | The Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the dnd_upload_cf7... |
| 7.2 | 2025-07-02 | CVE-2025-5817 | cve | The Amazon Products to WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.2.7 via the wcta2w_get_urls(). This ... |
| 7.5 | 2025-07-02 | CVE-2025-6437 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to SQL Injection via the ‘oid’ parameter in all versions up to, and including... |
| 8.8 | 2025-07-02 | CVE-2025-6459 | cve | The Ads Pro Plugin - Multi-Purpose WordPress Advertising Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.89. Thi... |
| 6.4 | 2025-07-02 | CVE-2025-6686 | cve | The Magic Buttons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's magic-button shortcode in all versions up to, and includi... |
| 6.4 | 2025-07-02 | CVE-2025-6687 | cve | The Magic Buttons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's magic-button shortcode in all versions up to, and includi... |
| N/A | 2025-07-01 | CVE-2025-49741 | cve | No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network. |
| N/A | 2025-07-01 | CVE-2025-34080 | cve | The Contec Co.,Ltd. CONPROSYS HMI System (CHS) is vulnerable to Cross-Site Scripting (XSS) in the getqsetting.php functionality that could allow reflected execution of scripts i... |
| N/A | 2025-07-01 | CVE-2025-34081 | cve | The Contec Co.,Ltd. CONPROSYS HMI System (CHS) exposes a PHP phpinfo() debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affe... |
| N/A | 2025-07-01 | CVE-2025-37099 | cve | A remote code execution vulnerability exists in HPE Insight Remote Support (IRS) prior to v7.15.0.646. |
| N/A | 2025-07-01 | CVE-2025-45080 | cve | YONO SBI: Banking & Lifestyle v1.23.36 was discovered to use unencrypted communicatons, possibly allowing attackers to execute a man-in-the-middle attack. |
| N/A | 2025-07-01 | CVE-2025-45081 | cve | Misconfigured settings in IITB SSO v1.1.0 allow attackers to access sensitive application data. |
| N/A | 2025-07-01 | CVE-2025-45083 | cve | Incorrect access control in Ullu (Android version v2.9.929 and IOS version v2.8.0) allows attackers to bypass parental pin feature via unspecified vectors. |
| N/A | 2025-07-01 | CVE-2025-52294 | cve | Insufficient validation of the screen lock mechanism in Trust Wallet v8.45 allows physically proximate attackers to bypass the lock screen and view the wallet balance. |
| N/A | 2025-07-01 | CVE-2025-53100 | cve | RestDB's Codehooks.io MCP Server is an MCP server on the Codehooks.io platform. Prior to version 0.2.2, the MCP server is written in a way that is vulnerable to command inj... |
| N/A | 2025-07-01 | CVE-2025-53103 | cve | JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The im... |
| Page(s) : 1 2 3 4 [5] 6 7 8 9 10 11 12 13 14 15 ... | Result(s) : 300103 |
