| Page(s) : 1 ... 683 684 685 686 687 688 689 690 691 692 [693] 694 695 696 697 698 699 700 701 702 703 ... | Result(s) : 299922 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.5 | 2025-03-20 | CVE-2024-13923 | cve | The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.6.0 via the validate_fi... |
| 5.4 | 2025-03-20 | CVE-2025-1802 | cve | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘marker_title’, 'notification_content', and '... |
| N/A | 2025-03-20 | CVE-2025-27888 | cve | Severity: medium (5.8) / important Server-Side Request Forgery (SSRF), Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), URL Redir... |
| N/A | 2025-03-20 | CVE-2025-2311 | cve | Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in Sechard Information Technologies SecHard... |
| 7.5 | 2025-03-20 | CVE-2025-2539 | cve | The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax() function in all versions up to, and including, 3.... |
| N/A | 2025-03-20 | CVE-2025-29101 | cve | Tenda AC8V4.0 V16.03.34.06 was discovered to contain a stack overflow via the deviceid parameter in the get_parentControl_list_Info function. |
| N/A | 2025-03-20 | CVE-2024-48590 | cve | Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive inf... |
| N/A | 2025-03-20 | CVE-2025-0254 | cve | HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle (MitM) attacks prior to 9.5 CF226. An attacker could intercept and potentially al... |
| 6.5 | 2025-03-20 | CVE-2025-1496 | cve | Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot allows Password Brute Forcing, Authentication Abuse.This issue affects Coslat Ho... |
| N/A | 2025-03-20 | CVE-2025-29410 | cve | A cross-site scripting (XSS) vulnerability in the component /contact.php of Hospital Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecti... |
| N/A | 2025-03-20 | CVE-2025-29412 | cve | A cross-site scripting (XSS) vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary web scripts or HTML via ... |
| N/A | 2025-03-20 | CVE-2024-48591 | cve | Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing. |
| N/A | 2025-03-20 | CVE-2025-29411 | cve | An arbitrary file upload vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary code via uploading a crafted... |
| 4.3 | 2025-03-20 | CVE-2025-2546 | cve | A vulnerability classified as problematic was found in D-Link DIR-618 and DIR-605L 2.02/3.02. This vulnerability affects unknown code of the file /goform/formAdvFirewall of the ... |
| N/A | 2025-03-20 | CVE-2024-13875 | cve | The WP-PManager WordPress plugin through 1.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which co... |
| N/A | 2025-03-20 | CVE-2024-13876 | cve | The mEintopf WordPress plugin through 0.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which cou... |
| N/A | 2025-03-20 | CVE-2024-13877 | cve | The Passbeemedia Web Push Notification WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cros... |
| N/A | 2025-03-20 | CVE-2024-13878 | cve | The SpotBot WordPress plugin through 0.1.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which coul... |
| N/A | 2025-03-20 | CVE-2024-13880 | cve | The My Quota WordPress plugin through 1.0.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which cou... |
| N/A | 2025-03-20 | CVE-2024-13881 | cve | The Link My Posts WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which ... |
| Page(s) : 1 ... 683 684 685 686 687 688 689 690 691 692 [693] 694 695 696 697 698 699 700 701 702 703 ... | Result(s) : 299922 |
