| Page(s) : 1 ... 42 43 44 45 46 47 48 49 50 51 [52] 53 54 55 56 57 58 59 60 61 62 ... | Result(s) : 114978 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.4 | 2025-05-08 | CVE-2024-55651 | cve | i-Educar is free, fully online school management software. Version 2.9 of the application fails to properly validate and sanitize user supplied input, leading to a stored cross-... |
| 5.4 | 2025-05-07 | CVE-2025-47632 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Raihanul Islam Awesome Gallery allows Stored XSS. This issue affe... |
| 5.4 | 2025-05-07 | CVE-2025-47630 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Darren Cooney Ajax Load More allows Stored XSS. This issue affect... |
| 4.8 | 2025-05-07 | CVE-2025-47626 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in apasionados Submission DOM tracking for Contact Form 7 allows Sto... |
| 4.8 | 2025-05-07 | CVE-2025-47625 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in apasionados DoFollow Case by Case allows Stored XSS. This issue a... |
| 4.8 | 2025-05-07 | CVE-2025-47623 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Easy PayPal Buy Now Button allows Stored XSS. This... |
| 5.4 | 2025-05-07 | CVE-2025-47547 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SendPulse SendPulse Email Marketing Newsletter allows Stored XSS.... |
| 6.1 | 2025-05-07 | CVE-2025-47517 | cve | Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Accept Donations with PayPal allows Stored XSS. This issue affects Accept Donations with PayPal: from n/a throu... |
| 6.4 | 2025-05-07 | CVE-2025-4220 | cve | The Xavin's List Subpages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'xls' shortcode in all versions up to, and inclu... |
| 6.4 | 2025-05-07 | CVE-2025-4171 | cve | The WZ Followed Posts – Display what visitors are reading plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wfp' shortcode in al... |
| 6.4 | 2025-05-07 | CVE-2025-4055 | cve | The Multiple Post Type Order plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mpto' shortcode in all versions up to, and includ... |
| 6.1 | 2025-05-07 | CVE-2025-4054 | cve | The Relevanssi – A Better Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the highlights functionality in all versions up to, and including, 4.24.3 ... |
| 5.3 | 2025-05-07 | CVE-2025-3924 | cve | The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to unauthorized access of data via its publicly exposed reset-password endpoint. The plugin looks up t... |
| 6.4 | 2025-05-07 | CVE-2025-3860 | cve | The CarDealerPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘saleclass' parameter in all versions up to, and including, 6.7.2504.00 due to ... |
| 6.5 | 2025-05-07 | CVE-2025-3853 | cve | The WPshop 2 – E-Commerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 2.0.0 to 2.6.0 via the callback_generate_api_key() due to missing va... |
| 4.3 | 2025-05-07 | CVE-2025-3851 | cve | The Download Manager and Payment Form WordPress Plugin – WP SmartPay plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions 1.1.0 to 2.7.13 via the s... |
| 5.4 | 2025-05-07 | CVE-2025-3766 | cve | The Login Lockdown & Protection plugin for WordPress is vulnerable to unauthorized nonce access due to a missing capability check on the ajax_run_tool function in all versions u... |
| 5.3 | 2025-05-07 | CVE-2025-35939 | cve | Craft CMS stores arbitrary content provided by unauthenticated users in session files. This content could be accessed and executed, possibly using an independent vulnerability. ... |
| 4.2 | 2025-05-07 | CVE-2025-32441 | cve | Rack is a modular Ruby web server interface. Prior to version 2.2.14, when using the `Rack::Session::Pool` middleware, simultaneous rack requests can restore a deleted rack sess... |
| 5.4 | 2025-05-07 | CVE-2025-3218 | cve | IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to authentication and authorization attacks due to incorrect validation processing in IBM i Netserver. A malicious actor could u... |
| Page(s) : 1 ... 42 43 44 45 46 47 48 49 50 51 [52] 53 54 55 56 57 58 59 60 61 62 ... | Result(s) : 114978 |
