CVE Alert: CVE-2025-23811
Vulnerability Summary: CVE-2025-23811 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP2APP allows Reflected XSS....
Vulnerabilities
CVE Alert: CVE-2025-23806
Vulnerability Summary: CVE-2025-23806 Cross-Site Request Forgery (CSRF) vulnerability in ThemeFarmer Ultimate Subscribe allows Reflected XSS. This issue affects Ultimate Subscribe:...
CVE Alert: CVE-2025-23932
Vulnerability Summary: CVE-2025-23932 Deserialization of Untrusted Data vulnerability in NotFound Quick Count allows Object Injection. This issue affects Quick Count:...
CVE Alert: CVE-2025-23910
Vulnerability Summary: CVE-2025-23910 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Menus Plus+...
CVE Alert: CVE-2025-23882
Vulnerability Summary: CVE-2025-23882 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Download Codes allows...
CVE Alert: CVE-2025-23931
Vulnerability Summary: CVE-2025-23931 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound WordPress Local...
CVE Alert: CVE-2025-23918
Vulnerability Summary: CVE-2025-23918 Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Smallerik File Browser allows Upload a Web...
CVE Alert: CVE-2025-23921
Vulnerability Summary: CVE-2025-23921 Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Multi Uploader for Gravity Forms allows Upload...
CVE Alert: CVE-2025-23948
Vulnerability Summary: CVE-2025-23948 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebArea...
CVE Alert: CVE-2025-23953
Vulnerability Summary: CVE-2025-23953 Unrestricted Upload of File with Dangerous Type vulnerability in Innovative Solutions user files allows Upload a Web...
CVE Alert: CVE-2025-23959
Vulnerability Summary: CVE-2025-23959 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Linus Lundahl Good Old Gallery...
CVE Alert: CVE-2025-23966
Vulnerability Summary: CVE-2025-23966 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AlaFalaki a Gateway for Pasargad...
CVE Alert: CVE-2025-23949
Vulnerability Summary: CVE-2025-23949 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mihajlovic...
CVE Alert: CVE-2025-0638
Vulnerability Summary: CVE-2025-0638 The initial code parsing the manifest did not check the content of the file names yet later...
CVE Alert: CVE-2025-24027
Vulnerability Summary: CVE-2025-24027 ps_contactinfo, a PrestaShop module for displaying store contact information, has a cross-site scripting (XSS) vulnerability in versions...
CVE Alert: CVE-2025-23942
Vulnerability Summary: CVE-2025-23942 Unrestricted Upload of File with Dangerous Type vulnerability in NgocCode WP Load Gallery allows Upload a Web...
CVE Alert: CVE-2025-23944
Vulnerability Summary: CVE-2025-23944 Deserialization of Untrusted Data vulnerability in WOOEXIM.COM WOOEXIM allows Object Injection. This issue affects WOOEXIM: from n/a...
CVE Alert: CVE-2024-31903
Vulnerability Summary: CVE-2024-31903 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on...
CVE Alert: CVE-2025-23914
Vulnerability Summary: CVE-2025-23914 Deserialization of Untrusted Data vulnerability in NotFound Muzaara Google Ads Report allows Object Injection. This issue affects...
CVE Alert: CVE-2025-23809
Vulnerability Summary: CVE-2025-23809 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Blue Wrench Video Widget...
CVE Alert: CVE-2025-20128
Vulnerability Summary: CVE-2025-20128 A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an...
CVE Alert: CVE-2025-23992
Vulnerability Summary: CVE-2025-23992 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leetoo Toocheke Companion allows Stored...
CVE Alert: CVE-2025-20156
Vulnerability Summary: CVE-2025-20156 A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated attacker with...
CVE Alert: CVE-2024-12477
Vulnerability Summary: CVE-2024-12477 The Avada Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in...
