0.0

CVE-2025-62756 - WordPress The Moneytizer plugin <= 10.0.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lvaudore The Moneytizer the-moneytizer allows DOM-Based XSS.This issue affects The Moneytizer: from n/a through <= 10.0.9.

πŸ“… Published: Dec. 31, 2025, 11:54 a.m. πŸ”„ Last Modified: April 1, 2026, 5:28 p.m.

0.0

CVE-2025-62757 - WordPress WebMan Amplifier plugin <= 1.5.12 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier webman-amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through <= 1.5.12.

πŸ“… Published: Dec. 31, 2025, 11:53 a.m. πŸ”„ Last Modified: April 1, 2026, 5:28 p.m.

0.0

CVE-2025-62991 - WordPress Minamaze theme <= 1.10.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thinkupthemes Minamaze minamaze allows Stored XSS.This issue affects Minamaze: from n/a through <= 1.10.1.

πŸ“… Published: Dec. 31, 2025, 11:51 a.m. πŸ”„ Last Modified: April 1, 2026, 5:28 p.m.

0.0

CVE-2025-63032 - WordPress Consulting theme <= 1.5.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thinkupthemes Consulting consulting allows Stored XSS.This issue affects Consulting: from n/a through <= 1.5.0.

πŸ“… Published: Dec. 31, 2025, 11:50 a.m. πŸ”„ Last Modified: April 1, 2026, 5:28 p.m.

8.7

CVSS4.0

CVE-2025-15389 - QNO Technology|VPN Firewall - OS Command Injection

VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.

πŸ“… Published: Dec. 31, 2025, 9:12 a.m. πŸ”„ Last Modified: Jan. 5, 2026, 10:17 a.m.

0.0

CVE-2025-49028 - WordPress Zoho ZeptoMail plugin <= 3.3.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerab…

Cross-Site Request Forgery (CSRF) vulnerability in Zoho Mail Zoho ZeptoMail transmail allows Stored XSS.This issue affects Zoho ZeptoMail: from n/a through <= 3.3.1.

πŸ“… Published: Dec. 31, 2025, 9:05 a.m. πŸ”„ Last Modified: April 1, 2026, 5:24 p.m.

8.7

CVSS4.0

CVE-2025-15388 - QNO Technology|VPN Firewall - OS Command Injection

VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.

πŸ“… Published: Dec. 31, 2025, 9:01 a.m. πŸ”„ Last Modified: Jan. 5, 2026, 10:17 a.m.

0.0

CVE-2025-62136 - WordPress Melos theme <= 1.6.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thinkupthemes Melos melos allows Stored XSS.This issue affects Melos: from n/a through <= 1.6.0.

πŸ“… Published: Dec. 31, 2025, 9 a.m. πŸ”„ Last Modified: April 1, 2026, 5:28 p.m.

8.1

CVSS3.1

CVE-2025-62992 - WordPress Everest Backup plugin <= 2.3.11 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in everestthemes Everest Backup everest-backup allows Path Traversal.This issue affects Everest Backup: from n/a through <= 2.3.11.

πŸ“… Published: Dec. 31, 2025, 8:59 a.m. πŸ”„ Last Modified: April 1, 2026, 5:28 p.m.

0.0

CVE-2025-62137 - WordPress Shuttle theme <= 1.5.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shuttlethemes Shuttle shuttle allows Stored XSS.This issue affects Shuttle: from n/a through <= 1.5.0.

πŸ“… Published: Dec. 31, 2025, 8:57 a.m. πŸ”„ Last Modified: April 1, 2026, 5:28 p.m.
Total resulsts: 343924
Page 1807 of 34,393
Β« previous page Β» next page
Filters