| Page(s) : 1 ... 726 727 728 729 730 731 732 733 734 735 [736] 737 738 739 740 741 742 743 744 745 746 ... | Result(s) : 325831 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2025-03-19 | CVE-2024-13442 | cve | The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.0. This is due to the plugin ... |
| 8.8 | 2025-03-19 | CVE-2024-13933 | cve | The FoodBakery | Delivery Restaurant Directory WordPress Theme theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.7. This is... |
| 4.7 | 2025-03-19 | CVE-2024-45644 | cve | IBM Security ReaQta 3.12 allows a privileged user to upload or transfer files of dangerous types that can be automatically processed within the product's environment. |
| 4.9 | 2025-03-19 | CVE-2025-2511 | cve | The AHAthat Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the 'id' parameter in all versions up to, and including, 1.6 due to insufficient ... |
| 9.8 | 2025-03-19 | CVE-2025-2512 | cve | The File Away plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check and missing file type validation in the upload() function in all ver... |
| N/A | 2025-03-19 | CVE-2024-55551 | cve | An issue was discovered in Exasol JDBC driver before 24.2.1 (2024-12-10). Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the proce... |
| 8 | 2025-03-19 | CVE-2024-42176 | cve | HCL MyXalytics is affected by concurrent login vulnerability. A concurrent login vulnerability occurs when simultaneous active sessions are allowed for a single credential allow... |
| N/A | 2025-03-19 | CVE-2025-1472 | cve | Mattermost versions 9.11.x |
| 8.8 | 2025-03-19 | CVE-2024-12295 | cve | The BoomBox Theme Extensions plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.8.0. This is due to the plug... |
| 5.3 | 2025-03-19 | CVE-2025-2290 | cve | The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to Unauthenticated Post Trashing due to a missing capability check on the dele... |
| N/A | 2025-03-19 | CVE-2025-30234 | cve | SmartOS, as used in Triton Data Center and other products, has static host SSH keys in the 60f76fd2-143f-4f57-819b-1ae32684e81b image (a Debian 12 LX zone image from 2024-07-26). |
| 9.8 | 2025-03-19 | CVE-2024-12922 | cve | The Altair theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check within functions.php in... |
| N/A | 2025-03-19 | CVE-2024-50629 | cve | Improper encoding or escaping of output vulnerability in the webapi component in Synology BeeStation OS (BSM) before 1.1-65374 and Synology DiskStation Manager (DSM) before 7.1.... |
| N/A | 2025-03-19 | CVE-2024-50630 | cve | Missing authentication for critical function vulnerability in the webapi component in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows r... |
| N/A | 2025-03-19 | CVE-2024-50631 | cve | Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-1... |
| N/A | 2025-03-19 | CVE-2025-1232 | cve | The Site Reviews WordPress plugin before 7.2.5 does not properly sanitise and escape some of its Review fields, which could allow unauthenticated users to perform Stored XSS att... |
| N/A | 2025-03-19 | CVE-2025-30235 | cve | Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 is intended to disable accounts that have had more than 10 failed authentication attempts, but instead allows hundreds of ... |
| N/A | 2025-03-19 | CVE-2025-30236 | cve | Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 allows authentication through only a six-digit TOTP code (skipping a password check) if an HTTP POST request contains a SE... |
| 9.8 | 2025-03-19 | CVE-2024-13410 | cve | The CozyStay and TinySalt plugins for WordPress are vulnerable to PHP Object Injection in all versions up to, and including, 1.7.0, and in all versions up to, and including 3.9.... |
| 7.5 | 2025-03-19 | CVE-2024-13412 | cve | The CozyStay theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_handler function in all versions up to, and inc... |
| Page(s) : 1 ... 726 727 728 729 730 731 732 733 734 735 [736] 737 738 739 740 741 742 743 744 745 746 ... | Result(s) : 325831 |
