Vulnerabilities

CVE Alert: CVE-2025-3830

April 21, 2025

Vulnerability Summary: CVE-2025-3830 A vulnerability was found in kuangstudy KuangSimpleBBS 1.0. It has been declared as critical. Affected by this...

CVE Alert: CVE-2020-36845

April 21, 2025

Vulnerability Summary: CVE-2020-36845 The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the...

CVE Alert: CVE-2025-43954

April 21, 2025

Vulnerability Summary: CVE-2025-43954 QMarkdown (aka quasar-ui-qmarkdown) before 2.0.5 allows XSS via headers even when when no-html is set. Affected Endpoints:...

CVE Alert: CVE-2025-43955

April 21, 2025

Vulnerability Summary: CVE-2025-43955 TwsCachedXPathAPI in Convertigo through 8.3.4 does not restrict the use of commons-jxpath APIs. Affected Endpoints: No affected...

CVE Alert: CVE-2020-36844

April 21, 2025

Vulnerability Summary: CVE-2020-36844 The KnowBe4 Security Awareness Training application before 2020-01-10 allows reflected XSS. The response has a SCRIPT element...

CVE Alert: CVE-2025-2010

April 20, 2025

Vulnerability Summary: CVE-2025-2010 The JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress is vulnerable...

CVE Alert: CVE-2025-3278

April 20, 2025

Vulnerability Summary: CVE-2025-3278 The UrbanGo Membership plugin for WordPress is vulnerable to privilege escalation in versions up to, and including,...

CVE Alert: CVE-2025-1093

April 20, 2025

Vulnerability Summary: CVE-2025-1093 The AIHub theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation...

CVE Alert: CVE-2025-3284

April 20, 2025

Vulnerability Summary: CVE-2025-3284 The User Registration & Membership – Custom Registration Form, Login Form, and User Profile plugin for WordPress...

CVE Alert: CVE-2025-3809

April 20, 2025

Vulnerability Summary: CVE-2025-3809 The Debug Log Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the auto-refresh debug...

CVE Alert: CVE-2025-1457

April 20, 2025

Vulnerability Summary: CVE-2025-1457 The Element Pack Addons for Elementor – Free Templates and Widgets for Your WordPress Websites plugin for...

CVE Alert: CVE-2025-3275

April 20, 2025

Vulnerability Summary: CVE-2025-3275 The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the TF...

CVE Alert: CVE-2025-2111

April 20, 2025

Vulnerability Summary: CVE-2025-2111 The Insert Headers And Footers plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...

CVE Alert: CVE-2025-3103

April 20, 2025

Vulnerability Summary: CVE-2025-3103 The CLEVER - HTML5 Radio Player With History - Shoutcast and Icecast - Elementor Widget Addon plugin...

CVE Alert: CVE-2025-3798

April 20, 2025

Vulnerability Summary: CVE-2025-3798 A vulnerability, which was classified as critical, has been found in WCMS 11. This issue affects the...

CVE Alert: CVE-2021-4455

April 20, 2025

Vulnerability Summary: CVE-2021-4455 The Wordpress Plugin Smart Product Review plugin for WordPress is vulnerable to arbitrary file uploads due to...

CVE Alert: CVE-2025-3797

April 20, 2025

Vulnerability Summary: CVE-2025-3797 A vulnerability classified as critical was found in SeaCMS up to 13.3. This vulnerability affects unknown code...

CVE Alert: CVE-2025-3661

April 20, 2025

Vulnerability Summary: CVE-2025-3661 The SB Chart block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘className’ parameter...

CVE Alert: CVE-2025-3404

April 20, 2025

Vulnerability Summary: CVE-2025-3404 The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path...

CVE Alert: CVE-2025-3800

April 20, 2025

Vulnerability Summary: CVE-2025-3800 A vulnerability has been found in WCMS 11 and classified as critical. Affected by this vulnerability is...

CVE Alert: CVE-2025-3799

April 20, 2025

Vulnerability Summary: CVE-2025-3799 A vulnerability, which was classified as critical, was found in WCMS 11. Affected is an unknown function...

CVE Alert: CVE-2025-3802

April 20, 2025

Vulnerability Summary: CVE-2025-3802 A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been declared as critical. This...

CVE Alert: CVE-2025-3803

April 20, 2025

Vulnerability Summary: CVE-2025-3803 A vulnerability was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). It has been rated as critical. This...

CVE Alert: CVE-2025-3801

April 20, 2025

Vulnerability Summary: CVE-2025-3801 A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This...

Vulnerabilities

CVE Alert: CVE-2025-3830

CVE Alert: CVE-2020-36845

CVE Alert: CVE-2025-43954

CVE Alert: CVE-2025-43955

CVE Alert: CVE-2020-36844

CVE Alert: CVE-2025-2010

CVE Alert: CVE-2025-3278

CVE Alert: CVE-2025-1093

CVE Alert: CVE-2025-3284

CVE Alert: CVE-2025-3809

CVE Alert: CVE-2025-1457

CVE Alert: CVE-2025-3275

CVE Alert: CVE-2025-2111

CVE Alert: CVE-2025-3103

CVE Alert: CVE-2025-3798

CVE Alert: CVE-2021-4455

CVE Alert: CVE-2025-3797

CVE Alert: CVE-2025-3661

CVE Alert: CVE-2025-3404

CVE Alert: CVE-2025-3800

CVE Alert: CVE-2025-3799

CVE Alert: CVE-2025-3802

CVE Alert: CVE-2025-3803

CVE Alert: CVE-2025-3801

[RHYSIDA] – Ransomware Victim: Acos Favorit

[RALORD] – Ransomware Victim: agromate company

Microsoft Monthly Security Update (March 2025)

F5 Products Denial of Service Vulnerability

SonicWall Products Remote Code Execution Vulnerability

You may have missed