| Page(s) : 1 ... 36 37 38 39 40 41 42 43 44 45 [46] 47 48 49 50 51 52 53 54 55 56 ... | Result(s) : 114978 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.4 | 2025-05-16 | CVE-2025-48135 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aptivadadev Aptivada for WP allows DOM-Based XSS. This issue affe... |
| 6.5 | 2025-05-16 | CVE-2025-48137 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in proxymis Interview allows SQL Injection. This issue affects Inter... |
| 6.1 | 2025-05-16 | CVE-2025-48144 | cve | Cross-Site Request Forgery (CSRF) vulnerability in sidngr Import Export For WooCommerce allows Stored XSS. This issue affects Import Export For WooCommerce: from n/a through 1.6.2. |
| 6.1 | 2025-05-16 | CVE-2025-48146 | cve | Cross-Site Request Forgery (CSRF) vulnerability in Michael Lups SEO Flow by LupsOnline allows Stored XSS. This issue affects SEO Flow by LupsOnline: from n/a through 2.2.0. |
| 4.7 | 2025-05-16 | CVE-2025-4795 | cve | A vulnerability classified as critical has been found in gongfuxiang schoolcms 2.3.1. This affects the function SaveInfo of the file /index.php?m=Admin&c=article&a=SaveInfo. The... |
| 6.1 | 2025-05-15 | CVE-2025-48051 | cve | powertip.ts in Lila (for Lichess) before ab0beaf allows XSS in some applications because of an innerHTML usage pattern in which text is extracted from a DOM node and interpreted... |
| 5.3 | 2025-05-15 | CVE-2025-4701 | cve | A vulnerability, which was classified as problematic, has been found in VITA-MLLM Freeze-Omni up to 20250421. This issue affects the function torch.load of the file models/utils... |
| 6.4 | 2025-05-15 | CVE-2025-4591 | cve | The Weluka Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'weluka-map' shortcode in all versions up to, and including, 1.... |
| 6.4 | 2025-05-15 | CVE-2025-4589 | cve | The Bon Toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bt-map' shortcode in all versions up to, and including, 1.3.2 ... |
| 6.4 | 2025-05-15 | CVE-2025-4126 | cve | The EG-Series plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [series] shortcode in all versions up to, and including, 2.1.1 due to insuf... |
| 5.5 | 2025-05-15 | CVE-2025-3440 | cve | IBM Security Guardium 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus alteri... |
| 4.3 | 2025-05-15 | CVE-2025-1138 | cve | IBM InfoSphere Information Server 11.7 could disclose sensitive information to an authenticated user that could aid in further attacks against the system through a directory lis... |
| 5.4 | 2025-05-15 | CVE-2023-2334 | cve | The edd-google-sheet-connector-pro WordPress plugin before 1.4, Easy Digital Downloads Google Sheet Connector WordPress plugin before 1.6.6 does not have CSRF check when updatin... |
| 4.8 | 2025-05-15 | CVE-2024-13382 | cve | The Calculated Fields Form WordPress plugin before 5.2.64 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stor... |
| 5.4 | 2025-05-15 | CVE-2024-6718 | cve | The PVN Auth Popup WordPress plugin through 1.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is... |
| 6.1 | 2025-05-15 | CVE-2024-8090 | cve | The JavaScript Logic WordPress plugin through 0.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make l... |
| 6.5 | 2025-05-15 | CVE-2024-8094 | cve | The Ntz Antispam WordPress plugin through 2.0e does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them vi... |
| 6.1 | 2025-05-15 | CVE-2024-8095 | cve | The BabelZ WordPress plugin through 1.1.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged i... |
| 4.8 | 2025-05-15 | CVE-2024-8187 | cve | The Smart Post Show WordPress plugin before 3.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cros... |
| 4.8 | 2025-05-15 | CVE-2025-47786 | cve | Emlog is an open source website building system. Version 2.5.13 has a stored cross-site scripting vulnerability that allows any registered user to construct malicious JavaScript... |
| Page(s) : 1 ... 36 37 38 39 40 41 42 43 44 45 [46] 47 48 49 50 51 52 53 54 55 56 ... | Result(s) : 114978 |
