| Page(s) : 1 ... 324 325 326 327 328 329 330 331 332 333 [334] 335 336 337 338 339 340 341 342 343 344 ... | Result(s) : 299063 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.3 | 2025-05-02 | CVE-2025-4177 | cve | The Flynax Bridge plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deleteUser() function in all versions up to, and inclu... |
| N/A | 2025-05-02 | CVE-2025-4166 | cve | Vault Community and Vault Enterprise Key/Value (kv) Version 2 plugin may unintentionally expose sensitive information in server and audit logs when users submit malformed payloa... |
| 6.4 | 2025-05-02 | CVE-2025-4131 | cve | The GmapsMania plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's gmap shortcode in all versions up to, and including, 1.1 due to insufficie... |
| N/A | 2025-05-02 | CVE-2025-3927 | cve | Digigram's PYKO-OUT audio-over-IP (AoIP) web-server does not require a password by default, allowing any attacker with the target IP address to connect and compromise the d... |
| N/A | 2025-05-02 | CVE-2025-3879 | cve | Vault Community, Vault Enterprise (“Vault”) Azure Auth method did not correctly validate the claims in the Azure-issued token, resulting in the potential bypass of the bound_loc... |
| 5.4 | 2025-05-02 | CVE-2025-3858 | cve | The Formality plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ parameter in all versions up to, and including, 1.5.8 due to insufficient input s... |
| N/A | 2025-05-02 | CVE-2025-37798 | cve | In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making all ->qlen_notify() callbac... |
| N/A | 2025-05-02 | CVE-2025-37797 | cve | In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability ... |
| 5.4 | 2025-05-02 | CVE-2025-3748 | cve | The Taxonomy Chain Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's pn_chain_menu shortcode in all versions up to, and including, 1.0... |
| 9.8 | 2025-05-02 | CVE-2025-3746 | cve | The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation via account takeover in versions 2.0.14 to 2.0.59. This is due to the plugin not properly... |
| 9.8 | 2025-05-02 | CVE-2025-3709 | cve | Agentflow from Flowring Technology has an Account Lockout Bypass vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to perform password brute... |
| 9.8 | 2025-05-02 | CVE-2025-3708 | cve | Le-show medical practice management system from Le-yan has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, mod... |
| 6.5 | 2025-05-02 | CVE-2025-3707 | cve | The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL command to read database contents. |
| 6.4 | 2025-05-02 | CVE-2025-3670 | cve | The KiwiChat NextClient plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 6.2 due to insufficient i... |
| N/A | 2025-05-02 | CVE-2025-3514 | cve | The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross... |
| N/A | 2025-05-02 | CVE-2025-3513 | cve | The SureForms WordPress plugin before 1.4.4 does not sanitise and escape some of its Form settings, which could allow high privilege users such as admin to perform Stored Cross... |
| 5.4 | 2025-05-02 | CVE-2025-3510 | cve | The tagDiv Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in all versions up to, and including, 5.4 due to insufficient input... |
| 5.4 | 2025-05-02 | CVE-2025-3488 | cve | The WPML plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpml_language_switcher shortcode in versions 3.6.0 - 4.7.3 due to insufficient i... |
| 7.3 | 2025-05-02 | CVE-2025-3438 | cve | The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to limited privilege escalation in all versions up to, and including, 4.17.4. T... |
| 6.5 | 2025-05-02 | CVE-2025-29825 | cve | User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. |
| Page(s) : 1 ... 324 325 326 327 328 329 330 331 332 333 [334] 335 336 337 338 339 340 341 342 343 344 ... | Result(s) : 299063 |
