| Page(s) : 1 ... 48 49 50 51 52 53 54 55 56 57 [58] 59 60 61 62 63 64 65 66 67 68 ... | Result(s) : 114978 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.4 | 2025-05-02 | CVE-2025-3670 | cve | The KiwiChat NextClient plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter in all versions up to, and including, 6.2 due to insufficient i... |
| 5.4 | 2025-05-02 | CVE-2025-3510 | cve | The tagDiv Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in all versions up to, and including, 5.4 due to insufficient input... |
| 5.4 | 2025-05-02 | CVE-2025-3488 | cve | The WPML plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpml_language_switcher shortcode in versions 3.6.0 - 4.7.3 due to insufficient i... |
| 6.5 | 2025-05-02 | CVE-2025-29825 | cve | User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. |
| 5.3 | 2025-05-02 | CVE-2025-2880 | cve | The Yame | Link In Bio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.9.0 through the publicly accessible phpinfo.p... |
| 6.1 | 2025-05-02 | CVE-2025-2488 | cve | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Profelis Informatics SambaBox allows Cross-Site Scripting ... |
| 4.3 | 2025-05-02 | CVE-2025-1327 | cve | The Homey theme for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.4.4 via the 'homey_delete_user_account' action ... |
| 4.3 | 2025-05-02 | CVE-2025-1326 | cve | The Homey theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the homey_reservation_del() function in all versions up to,... |
| 6.1 | 2025-05-02 | CVE-2025-1301 | cve | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yordam Informatics Library Automation System allows Reflec... |
| 5.3 | 2025-05-02 | CVE-2024-55913 | cve | IBM Concert Software 1.0.0 through 1.0.5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "... |
| 5.9 | 2025-05-02 | CVE-2024-55912 | cve | IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. |
| 6.5 | 2025-05-02 | CVE-2024-55910 | cve | IBM Concert Software 1.0.0 through 1.0.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the sys... |
| 6.5 | 2025-05-02 | CVE-2024-55909 | cve | IBM Concert Software 1.0.0 through 1.0.5 could allow an authenticated user to cause a denial of service due to the expansion of archive files without controlling resource consum... |
| 5.4 | 2025-05-02 | CVE-2024-13860 | cve | The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘bbp_topic_title’ parameter in all versions up to, and including, 2.8.50 due to ... |
| 5.4 | 2025-05-02 | CVE-2024-13859 | cve | The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘bp_nouveau_ajax_media_save’ function in all versions up to, and including, 2.8.... |
| 4.3 | 2025-05-02 | CVE-2024-13420 | cve | Multiple plugins and/or themes for WordPress are vulnerable to unauthorized access due to a missing capability check on several AJAX actions like 'gsf_reset_section_options... |
| 5.4 | 2025-05-02 | CVE-2024-13419 | cve | Multiple plugins and/or themes for WordPress using Smart Framework are vulnerable to Stored Cross-Site Scripting due to a missing capability check on the saveOptions() and impor... |
| 6.5 | 2025-05-02 | CVE-2024-12023 | cve | The FULL – Cliente plugin for WordPress is vulnerable to SQL Injection via the 'formId' parameter in all versions 3.1.5 to 3.1.25 due to insufficient escaping on the u... |
| 5.4 | 2025-05-02 | CVE-2024-13858 | cve | The BuddyBoss Platform plugin and BuddyBoss Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘invitee_name’ parameter in all versions up to, and includin... |
| 5.4 | 2025-05-01 | CVE-2025-4178 | cve | A vulnerability was found in xiaowei1118 java_server up to 11a5bac8f4ba1c17e4bc1b27cad6d24868500e3a on Windows and classified as critical. This issue affects some unknown proces... |
| Page(s) : 1 ... 48 49 50 51 52 53 54 55 56 57 [58] 59 60 61 62 63 64 65 66 67 68 ... | Result(s) : 114978 |
