| Page(s) : 1 ... 70 71 72 73 74 75 76 77 78 79 [80] 81 82 83 84 85 86 87 88 89 90 ... | Result(s) : 124961 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.4 | 2025-04-22 | CVE-2025-46227 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brecht Custom Related Posts allows Stored XSS. This issue affects... |
| 5.4 | 2025-04-22 | CVE-2025-46226 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ferranfg MPL-Publisher allows Stored XSS. This issue affects MPL-... |
| 5.4 | 2025-04-22 | CVE-2025-46225 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Post in page for Elementor allows DOM-Based XSS. This iss... |
| 6.3 | 2025-04-22 | CVE-2025-3856 | cve | A vulnerability was found in xxyopen Novel-Plus 5.1.0. It has been classified as critical. This affects the function searchByPage of the file /book/searchByPage. The manipulatio... |
| 4.3 | 2025-04-22 | CVE-2025-3855 | cve | A vulnerability was found in CodeCanyon RISE Ultimate Project Manager 3.8.2 and classified as problematic. Affected by this issue is some unknown functionality of the file /inde... |
| 4.3 | 2025-04-22 | CVE-2025-3849 | cve | A vulnerability classified as problematic was found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This vulnerability affects unknown code of the file /api/studentPWD. The manipulati... |
| 6.4 | 2025-04-22 | CVE-2025-3814 | cve | The Tax Switch for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class-name’ parameter in all versions up to, and including, 1.4.2 due t... |
| 4.3 | 2025-04-22 | CVE-2025-3518 | cve | It technically possible for a user to upload a file to a conversation despite the file upload functionality being disabled. The file upload functionality can be enabled or disa... |
| 5.4 | 2025-04-22 | CVE-2025-3458 | cve | The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ocean_gallery_id’ parameter in all versions up to, and including, 2.4.6 due to in... |
| 5.4 | 2025-04-22 | CVE-2025-3457 | cve | The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'oceanwp_icon' shortcode in all versions up to, and including, ... |
| 4.3 | 2025-04-22 | CVE-2025-32788 | cve | OctoPrint provides a web interface for controlling consumer 3D printers. In versions up to and including 1.10.3, OctoPrint has a vulnerability that allows an attacker to bypass ... |
| 4.6 | 2025-04-22 | CVE-2025-31328 | cve | SAP Learning Solution is vulnerable to Cross-Site Request Forgery (CSRF), allowing an attacker to trick authenticated user into sending unintended requests to the server. GET-ba... |
| 4.3 | 2025-04-22 | CVE-2025-31327 | cve | SAP Field Logistics Manage Logistics application OData meta-data property is vulnerable to data tampering, due to which certain fields could be externally modified by an attacke... |
| 6.4 | 2025-04-22 | CVE-2025-2839 | cve | The WP Import Export Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpiePreviewData’ function in all versions up to, and including, 3.9.27 due t... |
| 4.1 | 2025-04-22 | CVE-2025-27907 | cve | IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the... |
| 5.3 | 2025-04-21 | CVE-2025-43970 | cve | An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending ... |
| 4.3 | 2025-04-21 | CVE-2025-3843 | cve | A vulnerability was found in panhainan DS-Java 1.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery.... |
| 6.3 | 2025-04-21 | CVE-2025-3842 | cve | A vulnerability was found in panhainan DS-Java 1.0 and classified as critical. This issue affects the function uploadUserPic.action of the file src/com/phn/action/FileUpload.jav... |
| 6.1 | 2025-04-20 | CVE-2025-43954 | cve | QMarkdown (aka quasar-ui-qmarkdown) before 2.0.5 allows XSS via headers even when when no-html is set. |
| 5.3 | 2025-04-20 | CVE-2025-43921 | cve | GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that t... |
| Page(s) : 1 ... 70 71 72 73 74 75 76 77 78 79 [80] 81 82 83 84 85 86 87 88 89 90 ... | Result(s) : 124961 |
