| Page(s) : 1 ... 937 938 939 940 941 942 943 944 945 946 [947] 948 949 950 951 952 953 954 955 956 957 ... | Result(s) : 300527 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2025-02-18 | CVE-2024-12860 | cve | The CarSpot – Dealership Wordpress Classified Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.4.3. T... |
| 5.3 | 2025-02-18 | CVE-2024-13316 | cve | The Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals, sales and more plugin for WordPress is vulnerable to unauthorized access due t... |
| 5.4 | 2025-02-18 | CVE-2024-13395 | cve | The Threepress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'threepress' shortcode in all versions up to, and including, 1.7... |
| 4.3 | 2025-02-18 | CVE-2024-13718 | cve | The Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including... |
| 8.8 | 2025-02-18 | CVE-2024-13369 | cve | The Tour Master - Tour Booking, Travel, Hotel plugin for WordPress is vulnerable to time-based SQL Injection via the ‘review_id’ parameter in all versions up to, and including, ... |
| 6.1 | 2025-02-18 | CVE-2025-0981 | cve | A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to hijack a user's session by exploiting a Stored Cross Site Scripting (XSS) vulnerability in t... |
| 9.8 | 2025-02-18 | CVE-2025-1023 | cve | A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary SQL queries by exploiting a time-based blind SQL Injection vulnerability in the... |
| N/A | 2025-02-18 | CVE-2025-25221 | cve | The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains an SQL injection vulnerability in pdf.php. If this vulnerability is exploit... |
| N/A | 2025-02-18 | CVE-2025-25222 | cve | The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains an SQL injection vulnerability in retrieve.php. If this vulnerability is ex... |
| N/A | 2025-02-18 | CVE-2025-25223 | cve | The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains a path traversal vulnerability in dloader.php. If this vulnerability is exp... |
| N/A | 2025-02-18 | CVE-2025-25224 | cve | The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains a missing authentication vulnerability in dloader.php. If this vulnerabilit... |
| 5.4 | 2025-02-18 | CVE-2024-13741 | cve | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Limited Server-Side Request Forgery in all versions up to, and including, 5.9.4.2 v... |
| 4.3 | 2025-02-18 | CVE-2024-13740 | cve | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.9.4.2 via ... |
| N/A | 2025-02-18 | CVE-2025-1390 | cve | The PAM module pam_cap.so of libcap configuration supports group names starting with “@”, during actual parsing, configurations not starting with “@” are incorrectly recognized ... |
| N/A | 2025-02-18 | CVE-2024-12314 | cve | The Rapid Cache plugin for WordPress is vulnerable to Cache Poisoning in all versions up to, and including, 1.2.3. This is due to plugin storing HTTP headers in the cached data.... |
| 5.4 | 2025-02-18 | CVE-2024-12525 | cve | The Easy MLS Listings Import plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'homeasap-featured-listings' shortcode in all vers... |
| 5.4 | 2025-02-18 | CVE-2024-12813 | cve | The Open Hours – Easy Opening Hours plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'open-hours-current-status' shortcode in a... |
| 5.4 | 2025-02-18 | CVE-2024-13464 | cve | The Library Bookshelves plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bookshelf' shortcode in all versions up to, and includ... |
| 5.4 | 2025-02-18 | CVE-2024-13501 | cve | The WP-FormAssembly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'formassembly' shortcode in all versions up to, and includi... |
| 5.4 | 2025-02-18 | CVE-2024-13522 | cve | The magayo Lottery Results plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.12. This is due to missing or incorrect non... |
| Page(s) : 1 ... 937 938 939 940 941 942 943 944 945 946 [947] 948 949 950 951 952 953 954 955 956 957 ... | Result(s) : 300527 |
