| Page(s) : 1 ... 68 69 70 71 72 73 74 75 76 77 [78] 79 80 81 82 83 84 85 86 87 88 ... | Result(s) : 124961 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.1 | 2025-04-25 | CVE-2025-3868 | cve | The Custom Admin-Bar Favorites plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'menuObject' parameter in all versions up to, and including... |
| 6.1 | 2025-04-25 | CVE-2025-3867 | cve | The Ajax Comment Form CST plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing or incorrect nonce v... |
| 6.1 | 2025-04-25 | CVE-2025-3866 | cve | The Add Google +1 (Plus one) social share Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to mis... |
| 5.4 | 2025-04-25 | CVE-2025-3861 | cve | The Prevent Direct Access – Protect WordPress Files plugin for WordPress is vulnerable to unauthorized access and modification of data| due to a misconfigured capability check o... |
| 6.5 | 2025-04-25 | CVE-2025-3775 | cve | The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Server-Side Request F... |
| 6.4 | 2025-04-25 | CVE-2025-3752 | cve | The Able Player, accessible HTML5 media player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘preload’ parameter in all versions up to, and including... |
| 5.3 | 2025-04-25 | CVE-2025-3743 | cve | The Upsell Funnel Builder for WooCommerce plugin for WordPress is vulnerable to order manipulation in all versions up to, and including, 3.0.0. This is due to the plugin allowin... |
| 5.5 | 2025-04-25 | CVE-2025-2986 | cve | IBM Maximo Asset Management 7.6.1.3 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI th... |
| 4.9 | 2025-04-25 | CVE-2025-2580 | cve | The Contact Form by Bit Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.18.3 due to insuffici... |
| 5 | 2025-04-25 | CVE-2025-2070 | cve | An improper XML parsing vulnerability was reported in the FileZ client that could allow arbitrary file reads on the system if a crafted url is visited by a local user. |
| 5 | 2025-04-25 | CVE-2025-2069 | cve | A cross-site scripting vulnerability was reported in the FileZ client that could allow execution of code if a crafted url is visited by a local user. |
| 5 | 2025-04-25 | CVE-2025-2068 | cve | An open redirect vulnerability was reported in the FileZ client that could allow information disclosure if a crafted url is visited by a local user. |
| 6.4 | 2025-04-24 | CVE-2025-3832 | cve | The FuseDesk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘successredirect’ parameter in all versions up to, and including, 6.7 due to insufficient ... |
| 4.2 | 2025-04-24 | CVE-2025-3793 | cve | The Buddypress Force Password Change plugin for WordPress is vulnerable to authenticated account takeover due to the plugin not properly validating a user's identity prior ... |
| 6.4 | 2025-04-24 | CVE-2025-3749 | cve | The Breeze Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘cal_size’ parameter in all versions up to, and including, 1.2.3 due to insufficient... |
| 4.4 | 2025-04-24 | CVE-2025-3435 | cve | The Mang Board WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the board_header and board_footer parameters in all versions up to, and including, 1.8.6 ... |
| 6.5 | 2025-04-24 | CVE-2025-3280 | cve | The ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes plugin for WordPress is vulnerable to SQL Injection via the 'attribute_value_filter' parameter in... |
| 6.4 | 2025-04-24 | CVE-2025-2579 | cve | The Lottie Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File uploads in all versions up to, and including, 1.1.8 due to insufficient input saniti... |
| 6.4 | 2025-04-24 | CVE-2025-2543 | cve | The Advanced Accordion Gutenberg Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.0.1 due to ... |
| 6.7 | 2025-04-24 | CVE-2025-1976 | cve | Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privile... |
| Page(s) : 1 ... 68 69 70 71 72 73 74 75 76 77 [78] 79 80 81 82 83 84 85 86 87 88 ... | Result(s) : 124961 |
