| Page(s) : 1 ... 402 403 404 405 406 407 408 409 410 411 [412] 413 414 415 416 417 418 419 420 421 422 ... | Result(s) : 325083 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 8.8 | 2025-04-25 | CVE-2025-2238 | cve | The Vikinger theme for WordPress is vulnerable to privilege in all versions up to, and including, 1.9.30. This is due to insufficient user_meta restrictions in the 'vikinge... |
| N/A | 2025-04-25 | CVE-2025-2185 | cve | ALBEDO Telecom Net.Time - PTP/NTP clock (Serial No. NBC0081P) software release 1.4.4 is vulnerable to an insufficient session expiration vulnerability, which could permit an at... |
| 5 | 2025-04-25 | CVE-2025-2070 | cve | An improper XML parsing vulnerability was reported in the FileZ client that could allow arbitrary file reads on the system if a crafted url is visited by a local user. |
| 5 | 2025-04-25 | CVE-2025-2069 | cve | A cross-site scripting vulnerability was reported in the FileZ client that could allow execution of code if a crafted url is visited by a local user. |
| 5 | 2025-04-25 | CVE-2025-2068 | cve | An open redirect vulnerability was reported in the FileZ client that could allow information disclosure if a crafted url is visited by a local user. |
| 7.5 | 2025-04-25 | CVE-2025-1565 | cve | The Mayosis Core plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.4.1 via the library/wave-audio/peaks/remote_dl.php file. This ... |
| 8.8 | 2025-04-25 | CVE-2025-1279 | cve | The BM Content Builder plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ux_... |
| N/A | 2025-04-25 | CVE-2025-0671 | cve | The Icegram Express WordPress plugin before 5.7.50 does not sanitise and escape some of its Template settings, which could allow high privilege users such as admin to perform S... |
| N/A | 2025-04-25 | CVE-2024-6199 | cve | An unauthenticated attacker on the WAN interface, with the ability to intercept Dynamic DNS (DDNS) traffic between DDNS services and the modem, could manipulate specific respons... |
| N/A | 2025-04-25 | CVE-2024-6198 | cve | The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd, which implements the “SNORE” interface. This interface is affected by a stack ... |
| N/A | 2025-04-25 | CVE-2024-57375 | cve | Andamiro Pump It Up 20th Anniversary (aka Double X or XX/2019) 1.00.0-2.08.3 allows a physically proximate attacker to cause a denial of service (application crash) via certain ... |
| N/A | 2025-04-25 | CVE-2024-56156 | cve | Halo is an open source website building tool. Prior to version 2.20.13, a vulnerability in Halo allows attackers to bypass file type validation controls. This bypass enables the... |
| N/A | 2025-04-25 | CVE-2024-30152 | cve | HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit this weakness to gain access to sensitive information, modify data, or other impacts. |
| N/A | 2025-04-25 | CVE-2024-11917 | cve | The JobSearch WP Job Board plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.9.2. This is due to improper configurations in the... |
| N/A | 2025-04-25 | CVE-2021-32601 | cve | Rejected reason: Not used |
| N/A | 2025-04-24 | CVE-2025-46542 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeXpert Xpert Tab allows Stored XSS. This issue affects Xpert ... |
| N/A | 2025-04-24 | CVE-2025-46541 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in elrata_ WP-reCAPTCHA-bp allows Stored XSS. This issue affects WP-... |
| N/A | 2025-04-24 | CVE-2025-46540 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Mok GNA Search Shortcode allows Stored XSS. This issue affe... |
| N/A | 2025-04-24 | CVE-2025-46538 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webplanetsoft Inline Text Popup allows DOM-Based XSS. This issue ... |
| N/A | 2025-04-24 | CVE-2025-46536 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RichardHarrison Carousel-of-post-images allows DOM-Based XSS. Thi... |
| Page(s) : 1 ... 402 403 404 405 406 407 408 409 410 411 [412] 413 414 415 416 417 418 419 420 421 422 ... | Result(s) : 325083 |
