| Page(s) : 1 ... 4 5 6 7 8 9 10 11 12 13 [14] 15 16 17 18 19 20 21 22 23 24 ... | Result(s) : 325997 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 4.3 | 2025-07-04 | CVE-2025-5924 | cve | The WP Firebase Push Notification plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.0. This is due to missing or incorre... |
| 4.3 | 2025-07-04 | CVE-2025-5933 | cve | The RD Contacto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation ... |
| 8.8 | 2025-07-04 | CVE-2025-5953 | cve | The WP Human Resource Management plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization in the ajax_insert_employee() and update_empoyee() funct... |
| 6.5 | 2025-07-04 | CVE-2025-5956 | cve | The WP Human Resource Management plugin for WordPress is vulnerable to Arbitrary User Deletion due to a missing authorization within the ajax_delete_employee() function in versi... |
| 6.4 | 2025-07-04 | CVE-2025-6039 | cve | The ProcessingJS for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pjs4wp' shortcode in all versions up to, and in... |
| 6.1 | 2025-07-04 | CVE-2025-6041 | cve | The yContributors plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5. This is due to missing or incorrect nonce validatio... |
| 8 | 2025-07-04 | CVE-2025-6238 | cve | The AI Engine plugin for WordPress is vulnerable to open redirect in version 2.8.4. This is due to an insecure OAuth implementation, as the 'redirect_uri' parameter is... |
| 7.2 | 2025-07-04 | CVE-2025-6586 | cve | The Download Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the dpwap_plugin_locInstall function in all versions up t... |
| 6.4 | 2025-07-04 | CVE-2025-6729 | cve | The PayMaster for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 0.4.31 via the 'wp_ajax_paym_status�... |
| 6.5 | 2025-07-04 | CVE-2025-6739 | cve | The WPQuiz plugin for WordPress is vulnerable to SQL Injection via the 'id' attribute of the 'wpquiz' shortcode in all versions up to, and including, 0.4.2 d... |
| 7.5 | 2025-07-04 | CVE-2025-6782 | cve | The GoZen Forms plugin for WordPress is vulnerable to SQL Injection via the 'forms-id' parameter of the dirGZActiveForm() function in all versions up to, and including... |
| 7.5 | 2025-07-04 | CVE-2025-6783 | cve | The GoZen Forms plugin for WordPress is vulnerable to SQL Injection via the 'forms-id' parameter of the emdedSc() function in all versions up to, and including, 1.1.5 ... |
| 5.3 | 2025-07-04 | CVE-2025-6786 | cve | The DocCheck Login plugin for WordPress is vulnerable to unauthorized post access in all versions up to, and including, 1.1.5. This is due to plugin redirecting a user to login ... |
| 6.4 | 2025-07-04 | CVE-2025-6787 | cve | The Smart Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'smartdocs_search' shortcode in all versions up to, and includin... |
| 7.5 | 2025-07-04 | CVE-2025-6814 | cve | The Booking X plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_now() function in versions 1.0 to 1.1.2. This mak... |
| 6.4 | 2025-07-04 | CVE-2025-7046 | cve | The Portfolio for Elementor & Image Gallery | PowerFolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom JS Attributes of Plugin's widgets ... |
| 3.5 | 2025-07-04 | CVE-2025-7053 | cve | A vulnerability was found in Cockpit up to 2.11.3. It has been rated as problematic. This issue affects some unknown processing of the file /system/users/save. The manipulation ... |
| 7.2 | 2025-07-03 | CVE-2025-5322 | cve | The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the do_updatecar and createcar fu... |
| N/A | 2025-07-03 | CVE-2025-23968 | cve | Unrestricted Upload of File with Dangerous Type vulnerability in WPCenter AiBud WP allows Upload a Web Shell to a Web Server.This issue affects AiBud WP: from n/a through 1.8.5. |
| N/A | 2025-07-03 | CVE-2025-45809 | cve | BerriAI litellm v1.65.4 was discovered to contain a SQL injection vulnerability via the /key/block endpoint. |
| Page(s) : 1 ... 4 5 6 7 8 9 10 11 12 13 [14] 15 16 17 18 19 20 21 22 23 24 ... | Result(s) : 325997 |
