| Page(s) : 1 ... 907 908 909 910 911 912 913 914 915 916 [917] 918 919 920 921 922 923 924 925 926 927 ... | Result(s) : 326177 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-02-26 | CVE-2024-13632 | cve | The WP Extra Fields WordPress plugin through 1.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting wh... |
| N/A | 2025-02-26 | CVE-2024-13633 | cve | The Simple catalogue WordPress plugin through 1.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting w... |
| N/A | 2025-02-26 | CVE-2024-13634 | cve | The Post Sync WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which coul... |
| N/A | 2025-02-26 | CVE-2024-13669 | cve | The CalendApp WordPress plugin through 1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which coul... |
| N/A | 2025-02-26 | CVE-2024-13678 | cve | The R3W InstaFeed WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which ... |
| 5.4 | 2025-02-26 | CVE-2024-13803 | cve | The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘data-marker’ parameter in a... |
| 8.4 | 2025-02-26 | CVE-2024-39441 | cve | In wifi display, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. |
| N/A | 2025-02-26 | CVE-2024-47051 | cve | This advisory addresses two critical security vulnerabilities present in Mautic versions before 5.2.3. These vulnerabilities could be exploited by authenticated users. * Rem... |
| N/A | 2025-02-26 | CVE-2024-47053 | cve | This advisory addresses an authorization vulnerability in Mautic's HTTP Basic Authentication implementation. This flaw could allow unauthorized access to sensitive report d... |
| 4.4 | 2025-02-26 | CVE-2024-6810 | cve | The Quiz Organizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.9.1 due to insufficient input sanitization and outpu... |
| 6.5 | 2025-02-26 | CVE-2025-0731 | cve | An unauthenticated remote attacker can upload a .aspx file instead of a PV system picture through the demo account. The code can only be executed in the security context of the ... |
| 5.4 | 2025-02-26 | CVE-2025-1517 | cve | The Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) plugin for WordPress is vulnerable to St... |
| N/A | 2025-02-26 | CVE-2025-26698 | cve | Incorrect resource transfer between spheres issue exists in RevoWorks SCVX and RevoWorks Browser. If exploited, malicious files may be downloaded to the system where using the p... |
| 6.1 | 2025-02-26 | CVE-2025-0719 | cve | IBM Cloud Pak for Data 4.0.0 through 4.8.5 and 5.0.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript c... |
| N/A | 2025-02-26 | CVE-2025-26925 | cve | Cross-Site Request Forgery (CSRF) vulnerability in Required Admin Menu Manager allows Cross Site Request Forgery.This issue affects Admin Menu Manager: from n/a through 1.0.3. |
| N/A | 2025-02-26 | CVE-2025-0760 | cve | A Credential Disclosure vulnerability exists where an administrator could extract the stored SMTP account credentials due to lack of encryption. |
| N/A | 2025-02-26 | CVE-2025-1091 | cve | A Broken Authorization schema exists where any authenticated user could download IOA script and configuration files if the URL is known. |
| N/A | 2025-02-25 | CVE-2024-30150 | cve | HCL MyCloud is affected by Improper Access Control - an unauthenticated privilege escalation vulnerability which may lead to information disclosure and potential for Server-Side... |
| 6.5 | 2025-02-25 | CVE-2024-36259 | cve | Improper access control in mail module of Odoo Community 17.0 and Odoo Enterprise 17.0 allows remote authenticated attackers to extract sensitive information via an oracle-based... |
| 9.8 | 2025-02-25 | CVE-2025-27135 | cve | RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. Versions 0.15.1 and prior are vulnerable to SQL injection. The ExeSQL component extracts the SQL statement... |
| Page(s) : 1 ... 907 908 909 910 911 912 913 914 915 916 [917] 918 919 920 921 922 923 924 925 926 927 ... | Result(s) : 326177 |
