CVE Alert: CVE-2025-27340
Vulnerability Summary: CVE-2025-27340 Cross-Site Request Forgery (CSRF) vulnerability in Marc F12-Profiler allows Cross Site Request Forgery. This issue affects F12-Profiler:...
Vulnerabilities
CVE Alert: CVE-2025-27355
Vulnerability Summary: CVE-2025-27355 Cross-Site Request Forgery (CSRF) vulnerability in Nicolas GRILLET Woocommerce – Loi Hamon allows Stored XSS. This issue...
CVE Alert: CVE-2025-27335
Vulnerability Summary: CVE-2025-27335 Cross-Site Request Forgery (CSRF) vulnerability in Free plug in by SEO Roma Auto Tag Links allows Cross...
CVE Alert: CVE-2025-27336
Vulnerability Summary: CVE-2025-27336 Cross-Site Request Forgery (CSRF) vulnerability in Alex Prokopenko / JustCoded Just Variables allows Cross Site Request Forgery....
CVE Alert: CVE-2025-27349
Vulnerability Summary: CVE-2025-27349 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nurelm Get Posts allows Stored...
CVE Alert: CVE-2025-27353
Vulnerability Summary: CVE-2025-27353 Cross-Site Request Forgery (CSRF) vulnerability in Bob Namaste! LMS allows Cross Site Request Forgery. This issue affects...
CVE Alert: CVE-2025-27348
Vulnerability Summary: CVE-2025-27348 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel WP Social SEO Booster...
CVE Alert: CVE-2025-27351
Vulnerability Summary: CVE-2025-27351 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExpertBusinessSearch Local Search SEO Contact...
CVE Alert: CVE-2025-27352
Vulnerability Summary: CVE-2025-27352 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wumii team 无觅相关文章插件 allows Stored...
CVE Alert: CVE-2025-27347
Vulnerability Summary: CVE-2025-27347 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in techmix Direct Checkout Button for...
CVE Alert: CVE-2025-26803
Vulnerability Summary: CVE-2025-26803 The http parser in Phusion Passenger 6.0.21 through 6.0.25 before 6.0.26 allows a denial of service during...
CVE Alert: CVE-2025-25460
Vulnerability Summary: CVE-2025-25460 A stored Cross-Site Scripting (XSS) vulnerability was identified in FlatPress 1.3.1 within the "Add Entry" feature. This...
CVE Alert: CVE-2025-27356
Vulnerability Summary: CVE-2025-27356 Missing Authorization vulnerability in Hardik Sticky Header On Scroll allows Exploiting Incorrectly Configured Access Control Security Levels....
CVE Alert: CVE-2025-27357
Vulnerability Summary: CVE-2025-27357 Cross-Site Request Forgery (CSRF) vulnerability in Musa AVCI Önceki Yazı Link allows Cross Site Request Forgery. This...
CVE Alert: CVE-2025-26201
Vulnerability Summary: CVE-2025-26201 Credential disclosure vulnerability via the /staff route in GreaterWMS
CVE Alert: CVE-2025-22495
Vulnerability Summary: CVE-2025-22495 An improper input validation vulnerability was discovered in the NTP server configuration field of the Network-M2 card....
CVE Alert: CVE-2025-27364
Vulnerability Summary: CVE-2025-27364 In MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e, a Remote Code Execution (RCE) vulnerability was found...
CVE Alert: CVE-2025-26200
Vulnerability Summary: CVE-2025-26200 SQL injection in SLIMS v.9.6.1 allows a remote attacker to escalate privileges via the month parameter in...
CVE Alert: CVE-2024-54820
Vulnerability Summary: CVE-2024-54820 XOne Web Monitor v02.10.2024.530 framework 1.0.4.9 was discovered to contain a SQL injection vulnerability in the login...
CVE Alert: CVE-2025-26527
Vulnerability Summary: CVE-2025-26527 Tags not expected to be visible to a user could still be discovered by them via the...
CVE Alert: CVE-2025-26529
Vulnerability Summary: CVE-2025-26529 Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS...
CVE Alert: CVE-2025-26528
Vulnerability Summary: CVE-2025-26528 The drag-and-drop onto image (ddimageortext) question type required additional sanitizing to prevent a stored XSS risk. Affected...
CVE Alert: CVE-2025-26530
Vulnerability Summary: CVE-2025-26530 The question bank filter required additional sanitizing to prevent a reflected XSS risk. Affected Endpoints: No affected...
CVE Alert: CVE-2025-26531
Vulnerability Summary: CVE-2025-26531 Insufficient capability checks made it possible to disable badges a user does not have permission to access....
