| Page(s) : 1 ... 37 38 39 40 41 42 43 44 45 46 [47] 48 49 50 51 52 53 54 55 56 57 ... | Result(s) : 97077 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 8.1 | 2025-04-27 | CVE-2025-3886 | cve | An issue in CatoNetworks CatoClient before v.5.8.0 allows attackers to escalate privileges and achieve a race condition (TOCTOU) via the PrivilegedHelperTool component. |
| 8.8 | 2025-04-26 | CVE-2025-3914 | cve | The Aeropage Sync for Airtable plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'aeropage_media_downloader' func... |
| 8.8 | 2025-04-26 | CVE-2025-3906 | cve | The Integração entre Eduzz e Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wep_opcoes' ... |
| 7.2 | 2025-04-26 | CVE-2025-3491 | cve | The Add custom page template plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.0.1 via the '... |
| 8 | 2025-04-26 | CVE-2025-2851 | cve | A vulnerability classified as critical has been found in GL.iNet GL-A1300 Slate Plus, GL-AR300M16 Shadow, GL-AR300M Shadow, GL-AR750 Creta, GL-AR750S-EXT Slate, GL-AX1800 Flint,... |
| 7.3 | 2025-04-26 | CVE-2025-2801 | cve | The The Create custom forms for WordPress with a smart form plugin for smart businesses plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to... |
| 8.1 | 2025-04-26 | CVE-2025-2105 | cve | The Jupiter X Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.8.11 via deserialization of untrusted input from the '... |
| 8.1 | 2025-04-26 | CVE-2025-2101 | cve | The Edumall theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.4 via the 'template' parameter of the 'edumall_laz... |
| 8.8 | 2025-04-26 | CVE-2024-13808 | cve | The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.4.9 via the custom PHP widget. This is due to... |
| 7.2 | 2025-04-25 | CVE-2025-3935 | cve | ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserve page and control state, w... |
| 8.8 | 2025-04-25 | CVE-2025-3928 | cve | Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault advisory: "Webservers can be compromi... |
| 8.8 | 2025-04-25 | CVE-2025-2238 | cve | The Vikinger theme for WordPress is vulnerable to privilege in all versions up to, and including, 1.9.30. This is due to insufficient user_meta restrictions in the 'vikinge... |
| 7.5 | 2025-04-25 | CVE-2025-1565 | cve | The Mayosis Core plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.4.1 via the library/wave-audio/peaks/remote_dl.php file. This ... |
| 8.8 | 2025-04-25 | CVE-2025-1279 | cve | The BM Content Builder plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ux_... |
| 8.3 | 2025-04-24 | CVE-2025-3776 | cve | The Verification SMS with TargetSMS plugin for WordPress is vulnerable to limited Remote Code Execution in all versions up to, and including, 1.5 via the 'targetvr_ajax_han... |
| 8.8 | 2025-04-24 | CVE-2025-3761 | cve | The My Tickets – Accessible Event Ticketing plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.0.16. This is due to the mt_save_p... |
| 8.8 | 2025-04-24 | CVE-2025-3607 | cve | The Frontend Login and Registration Blocks plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.0.7. This is d... |
| 7.2 | 2025-04-24 | CVE-2025-3300 | cve | The WPMasterToolKit (WPMTK) – All in one plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.5.2. This makes it possible for... |
| 8.8 | 2025-04-24 | CVE-2025-3101 | cve | The Configurator Theme Core plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.4.7. This is due to the plugin not properly valida... |
| 8.8 | 2025-04-24 | CVE-2025-3058 | cve | The Xelion Webchat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the xwc_sav... |
| Page(s) : 1 ... 37 38 39 40 41 42 43 44 45 46 [47] 48 49 50 51 52 53 54 55 56 57 ... | Result(s) : 97077 |
