CVE Alert: CVE-2024-9133
Vulnerability Summary: CVE-2024-9133 A user with administrator privileges is able to retrieve authentication tokens Affected Endpoints: No affected endpoints listed....
Vulnerabilities
CVE Alert: CVE-2025-23112
Vulnerability Summary: CVE-2025-23112 An issue was discovered in REDCap 14.9.6. A stored cross-site scripting (XSS) vulnerability allows authenticated users to...
CVE Alert: CVE-2024-47520
Vulnerability Summary: CVE-2024-47520 A user with advanced report application access rights can perform actions for which they are not authorized...
CVE Alert: CVE-2024-47519
Vulnerability Summary: CVE-2024-47519 Backup uploads to ETM subject to man-in-the-middle interception Affected Endpoints: No affected endpoints listed. Published Date: 1/10/2025,...
CVE Alert: CVE-2024-7142
Vulnerability Summary: CVE-2024-7142 On Arista CloudVision Appliance (CVA) affected releases running on appliances that support hardware disk encryption (DCA-350E-CV only),...
CVE Alert: CVE-2024-47518
Vulnerability Summary: CVE-2024-47518 Specially constructed queries targeting ETM could discover active remote access sessions Affected Endpoints: No affected endpoints listed....
CVE Alert: CVE-2024-9134
Vulnerability Summary: CVE-2024-9134 Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights...
CVE Alert: CVE-2024-9188
Vulnerability Summary: CVE-2024-9188 Specially constructed queries cause cross platform scripting leaking administrator tokens Affected Endpoints: No affected endpoints listed. Published...
CVE Alert: CVE-2025-23111
Vulnerability Summary: CVE-2025-23111 An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name, exposing...
CVE Alert: CVE-2025-23110
Vulnerability Summary: CVE-2025-23110 An issue was discovered in REDCap 14.9.6. A Reflected cross-site scripting (XSS) vulnerability in the email-subject field...
CVE Alert: CVE-2025-23113
Vulnerability Summary: CVE-2025-23113 An issue was discovered in REDCap 14.9.6. It has an action=myprojects&logout=1 CSRF issue in the alert-title while...
CVE Alert: CVE-2025-22806
Vulnerability Summary: CVE-2025-22806 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For...
CVE Alert: CVE-2025-22808
Vulnerability Summary: CVE-2025-22808 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Surbma Surbma | Premium WP...
CVE Alert: CVE-2025-22807
Vulnerability Summary: CVE-2025-22807 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robert Peake Responsive Flickr Slideshow...
CVE Alert: CVE-2025-22818
Vulnerability Summary: CVE-2025-22818 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in S3Bubble S3Player – WooCommerce &...
CVE Alert: CVE-2025-22817
Vulnerability Summary: CVE-2025-22817 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Venutius BP Profile Shortcodes Extra...
CVE Alert: CVE-2025-22814
Vulnerability Summary: CVE-2025-22814 Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Admin Theme allows Cross Site Request Forgery.This issue...
CVE Alert: CVE-2025-22813
Vulnerability Summary: CVE-2025-22813 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ChatBot for WordPress - WPBot...
CVE Alert: CVE-2025-22824
Vulnerability Summary: CVE-2025-22824 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lucia Intelisano Live Flight Radar...
CVE Alert: CVE-2025-22815
Vulnerability Summary: CVE-2025-22815 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins LLC Button Block allows...
CVE Alert: CVE-2025-22812
Vulnerability Summary: CVE-2025-22812 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FlickDevs News Ticker Widget for...
CVE Alert: CVE-2025-22819
Vulnerability Summary: CVE-2025-22819 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 4wpbari Qr Code and Barcode...
CVE Alert: CVE-2025-22821
Vulnerability Summary: CVE-2025-22821 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vfthemes StorePress allows DOM-Based XSS.This...
CVE Alert: CVE-2025-22823
Vulnerability Summary: CVE-2025-22823 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Twerdy Genesis Style Shortcodes...
