| Page(s) : 1 ... 787 788 789 790 791 792 793 794 795 796 [797] 798 799 800 801 802 803 804 805 806 807 ... | Result(s) : 325916 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2025-03-08 | CVE-2024-13359 | cve | The Product Input Fields for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the add_product_input_fields_to... |
| 4.3 | 2025-03-08 | CVE-2025-1322 | cve | The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 16.26.10 via the 'fe... |
| 9.8 | 2025-03-08 | CVE-2025-1323 | cve | The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to SQL Injection via the 'databeat' parameter in all versions up to, and incl... |
| 5.4 | 2025-03-08 | CVE-2025-1324 | cve | The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'public-form' shortcode ... |
| 6.3 | 2025-03-08 | CVE-2025-1325 | cve | The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to arbitrary shortcode execution due to a missing capability check on the 'rcl_pre... |
| 5.4 | 2025-03-08 | CVE-2025-1783 | cve | The Gallery Styles plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Gallery Block in all versions up to, and including, 1.3.4 due to insufficient input ... |
| 5.4 | 2025-03-08 | CVE-2025-1261 | cve | The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up... |
| 6.4 | 2025-03-08 | CVE-2024-12460 | cve | The Years Since – Timeless Texts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'years-since' shortcode in all versions up to,... |
| 6.5 | 2025-03-08 | CVE-2024-13774 | cve | The Wishlist for WooCommerce: Multi Wishlists Per Customer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.7. This is ... |
| 7.2 | 2025-03-08 | CVE-2024-13835 | cve | The Post Meta Data Manager plugin for WordPress is vulnerable to multisite privilege escalation in all versions up to, and including, 1.4.3. This is due to the plugin not proper... |
| 7.2 | 2025-03-08 | CVE-2024-13890 | cve | The Allow PHP Execute plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 1.0. This is due to allowing PHP code to be entered by all u... |
| 6.3 | 2025-03-08 | CVE-2024-13895 | cve | The The Code Snippets CPT plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.1.0. This is due to the software allowing u... |
| 4.3 | 2025-03-08 | CVE-2025-1481 | cve | The Shortcode Cleaner Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the download_backup() function in all versions ... |
| 6.5 | 2025-03-08 | CVE-2025-1504 | cve | The Post Lockdown plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.0.2 via the 'pl_autocomplete' AJAX action due to i... |
| 5.9 | 2025-03-08 | CVE-2024-13640 | cve | The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.4.1 via the '... |
| N/A | 2025-03-08 | CVE-2025-27839 | cve | operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation (genuineness check) that causes verification... |
| 9.8 | 2025-03-07 | CVE-2025-2097 | cve | A vulnerability, which was classified as critical, has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This issue affects the function setRptWizardCfg of the file /cgi-bi... |
| 5.4 | 2025-03-07 | CVE-2025-26643 | cve | The UI performs the wrong action in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. |
| N/A | 2025-03-07 | CVE-2025-2024 | cve | Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected in... |
| N/A | 2025-03-07 | CVE-2024-42733 | cve | An issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary code via a crafted script to the UNC path input |
| Page(s) : 1 ... 787 788 789 790 791 792 793 794 795 796 [797] 798 799 800 801 802 803 804 805 806 807 ... | Result(s) : 325916 |
