| Page(s) : 1 ... 139 140 141 142 143 144 145 146 147 148 [149] 150 151 152 153 154 155 156 157 158 159 ... | Result(s) : 114981 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.4 | 2025-02-22 | CVE-2024-13564 | cve | The Rife Elementor Extensions & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Writing Effect Headline shortcode in all versio... |
| 5.3 | 2025-02-22 | CVE-2025-1361 | cve | The IP2Location Country Blocker plugin for WordPress is vulnerable to Regular Information Exposure in all versions up to, and including, 2.38.8 due to missing capability checks ... |
| 5.3 | 2025-02-22 | CVE-2024-22341 | cve | IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4.6.6, 4.7.0 through 4.7.4, and 4.8.0 through 4.8.7 could allow unauthorized data ... |
| 4.3 | 2025-02-22 | CVE-2024-13873 | cve | The WP Job Portal – A Complete Recruitment System for Company or Job Board website plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, ... |
| 5.4 | 2025-02-22 | CVE-2024-12038 | cve | The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) plugin for WordPress is vulnerable to Stored Cross-Site Sc... |
| 6.1 | 2025-02-22 | CVE-2024-12467 | cve | The Pago por Redsys plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'Ds_MerchantParameters' parameter in all versions up to, and including... |
| 5.3 | 2025-02-22 | CVE-2024-13798 | cve | The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to unauthorized order creation in all versions up to, and including, 2.3.5. This is due to in... |
| 6.1 | 2025-02-21 | CVE-2025-27108 | cve | dom-expressions is a Fine-Grained Runtime for Performant DOM Rendering. In affected versions the use of javascript's `.replace()` opens up to potential Cross-site Scripting... |
| 6.3 | 2025-02-21 | CVE-2025-1537 | cve | A vulnerability was found in Harpia DiagSystem 12. It has been rated as critical. This issue affects some unknown processing of the file /diagsystem/PACS/atualatendimento_jpeg.p... |
| 4.3 | 2025-02-21 | CVE-2025-1543 | cve | A vulnerability, which was classified as problematic, has been found in iteachyou Dreamer CMS 4.1.3. This issue affects some unknown processing of the file /resource/js/ueditor-... |
| 6.3 | 2025-02-21 | CVE-2025-1544 | cve | A vulnerability, which was classified as critical, was found in dingfanzu CMS up to 20250210. Affected is an unknown function of the file /ajax/loadShopInfo.php. The manipulatio... |
| 4.6 | 2025-02-21 | CVE-2025-1548 | cve | A vulnerability was found in iteachyou Dreamer CMS 4.1.3. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/archives/edit. The mani... |
| 5.4 | 2025-02-21 | CVE-2024-13455 | cve | The igumbi Online Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'igumbi_calendar' shortcode in all versions up to, an... |
| 6.5 | 2025-02-21 | CVE-2024-13713 | cve | The WPExperts Square For GiveWP plugin for WordPress is vulnerable to SQL Injection via the 'post' parameter in all versions up to, and including, 1.3.1 due to insuffi... |
| 4.9 | 2025-02-21 | CVE-2024-13846 | cve | The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘post_id’ parameter in all versions up to, and including, 3.9 due to insu... |
| 5.3 | 2025-02-21 | CVE-2025-1402 | cve | The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ajax_ticket_delete' functi... |
| 5.4 | 2025-02-21 | CVE-2025-1489 | cve | The WP-Appbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's appbox shortcode in all versions up to, and including, 4.5.4 due to insuffi... |
| 5.4 | 2025-02-21 | CVE-2024-10222 | cve | The SVG Support plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.5.10 due to insufficient input san... |
| 5.4 | 2025-02-21 | CVE-2025-1410 | cve | The Events Calendar Made Simple – Pie Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's piecal shortcode in all versions up to, an... |
| 6.5 | 2025-02-21 | CVE-2024-12276 | cve | The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to second-order SQL Injecti... |
| Page(s) : 1 ... 139 140 141 142 143 144 145 146 147 148 [149] 150 151 152 153 154 155 156 157 158 159 ... | Result(s) : 114981 |
