| Page(s) : 1 ... 38 39 40 41 42 43 44 45 46 47 [48] 49 50 51 52 53 54 55 56 57 58 ... | Result(s) : 97077 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.2 | 2025-04-24 | CVE-2025-1294 | cve | The eForm - WordPress Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.18.0 due to insufficient input sanit... |
| 8.1 | 2025-04-24 | CVE-2021-47663 | cve | Due to improper JSON Web Tokens implementation an unauthenticated remote attacker can guess a valid session ID and therefore impersonate a user to gain full access. |
| 7.5 | 2025-04-24 | CVE-2021-47662 | cve | Due to missing authorization an unauthenticated remote attacker can cause a DoS attack by connecting via HTTPS and triggering the shutdown button. |
| 7.5 | 2025-04-23 | CVE-2025-3530 | cve | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to product price manipulation in all versions up to, and including, 5.1.2. This is due to a logic flaw invo... |
| 8.2 | 2025-04-23 | CVE-2025-3529 | cve | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.1.2 via the 'file_url' ... |
| 8.8 | 2025-04-23 | CVE-2025-32968 | cve | XWiki is a generic wiki platform. In versions starting from 1.6-milestone-1 to before 15.10.16, 16.4.6, and 16.10.1, it is possible for a user with SCRIPT right to escape from t... |
| 7.2 | 2025-04-22 | CVE-2025-46252 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kofimokome Message Filter for Contact Form 7 allows SQL Injection... |
| 8.8 | 2025-04-22 | CVE-2025-46251 | cve | Cross-Site Request Forgery (CSRF) vulnerability in e4jvikwp VikRestaurants Table Reservations and Take-Away allows Cross Site Request Forgery. This issue affects VikRestaurants ... |
| 8.8 | 2025-04-22 | CVE-2025-46249 | cve | Cross-Site Request Forgery (CSRF) vulnerability in Michael Simple calendar for Elementor allows Cross Site Request Forgery. This issue affects Simple calendar for Elementor: fro... |
| 8.8 | 2025-04-22 | CVE-2025-46246 | cve | Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM Answers allows Cross Site Request Forgery. This issue affects CM Answers: from n/a through 3.3.3. |
| 8.8 | 2025-04-22 | CVE-2025-46245 | cve | Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSolutions CM Ad Changer allows Cross Site Request Forgery. This issue affects CM Ad Changer: from n/a through 2.0.5. |
| 8.8 | 2025-04-22 | CVE-2025-46243 | cve | Cross-Site Request Forgery (CSRF) vulnerability in sonalsinha21 Recover abandoned cart for WooCommerce allows Cross Site Request Forgery. This issue affects Recover abandoned ca... |
| 8.8 | 2025-04-22 | CVE-2025-46241 | cve | Cross-Site Request Forgery (CSRF) vulnerability in codepeople Appointment Booking Calendar allows SQL Injection. This issue affects Appointment Booking Calendar: from n/a throug... |
| 8.8 | 2025-04-22 | CVE-2025-46232 | cve | Missing Authorization vulnerability in alttextai Download Alt Text AI allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Download Alt Te... |
| 8.8 | 2025-04-22 | CVE-2025-46231 | cve | Cross-Site Request Forgery (CSRF) vulnerability in SERVIT Software Solutions affiliate-toolkit allows Cross Site Request Forgery. This issue affects affiliate-toolkit: from n/a ... |
| 8 | 2025-04-22 | CVE-2025-3854 | cve | A vulnerability, which was classified as critical, was found in H3C GR-3000AX up to V100R006. Affected is the function EnableIpv6/UpdateWanModeMulti/UpdateIpv6Params/EditWlanMac... |
| 8.8 | 2025-04-22 | CVE-2025-3616 | cve | The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the gspb_make_proxy_api_re... |
| 8.4 | 2025-04-22 | CVE-2025-1951 | cve | IBM Hardware Management Console - Power Systems V10.2.1030.0 and V10.3.1050.0 could allow a local user to execute commands as a privileged user due to execution of commands with... |
| 7.5 | 2025-04-22 | CVE-2024-11299 | cve | The Memberpress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.11.37 via the WordPress core search feature. This ma... |
| 7.5 | 2025-04-21 | CVE-2025-43972 | cve | An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context. |
| Page(s) : 1 ... 38 39 40 41 42 43 44 45 46 47 [48] 49 50 51 52 53 54 55 56 57 58 ... | Result(s) : 97077 |
