6.1

CVSS3.1

CVE-2025-43014 -

In JetBrains Toolbox App before 2.6 the SSH plugin established connections without sufficient user confirmation

๐Ÿ“… Published: April 17, 2025, 3:56 p.m. ๐Ÿ”„ Last Modified: April 17, 2025, 8:21 p.m.

6.9

CVSS3.1

CVE-2025-43013 -

In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible

๐Ÿ“… Published: April 17, 2025, 3:56 p.m. ๐Ÿ”„ Last Modified: April 17, 2025, 8:21 p.m.

8.3

CVSS3.1

CVE-2025-43012 -

In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible

๐Ÿ“… Published: April 17, 2025, 3:56 p.m. ๐Ÿ”„ Last Modified: April 18, 2025, 3:55 a.m.

4.2

CVSS3.1

CVE-2025-42921 -

In JetBrains Toolbox App before 2.6 host key verification was missing in SSH plugin

๐Ÿ“… Published: April 17, 2025, 3:56 p.m. ๐Ÿ”„ Last Modified: April 17, 2025, 8:21 p.m.

7.1

CVSS3.1

CVE-2025-23443 - WordPress Author Showcase plugin <= 1.4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Claire Ryan Author Showcase allows Reflected XSS. This issue affects Author Showcase: from n/a through 1.4.3.

๐Ÿ“… Published: April 17, 2025, 3:48 p.m. ๐Ÿ”„ Last Modified: April 17, 2025, 8:21 p.m.

7.1

CVSS3.1

CVE-2025-23448 - WordPress visualslider Sldier plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dastan800 visualslider Sldier allows Reflected XSS. This issue affects visualslider Sldier: from n/a through 1.1.1.

๐Ÿ“… Published: April 17, 2025, 3:48 p.m. ๐Ÿ”„ Last Modified: April 17, 2025, 8:21 p.m.

6.5

CVSS3.1

CVE-2025-23773 - WordPress Delete All Posts plugin <= 1.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in mingocommerce Delete All Posts allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Delete All Posts: from n/a through 1.1.1.

๐Ÿ“… Published: April 17, 2025, 3:48 p.m. ๐Ÿ”„ Last Modified: April 17, 2025, 8:21 p.m.

7.1

CVSS3.1

CVE-2025-23782 - WordPress TotalContest Lite Plugin <= 2.8.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TotalSuite TotalContest Lite allows Reflected XSS. This issue affects TotalContest Lite: from n/a through 2.8.1.

๐Ÿ“… Published: April 17, 2025, 3:48 p.m. ๐Ÿ”„ Last Modified: April 17, 2025, 8:21 p.m.

7.1

CVSS3.1

CVE-2025-23855 - WordPress SpiderDisplay plugin <= 1.9.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fyljp SpiderDisplay allows Reflected XSS. This issue affects SpiderDisplay: from n/a through 1.9.1.

๐Ÿ“… Published: April 17, 2025, 3:48 p.m. ๐Ÿ”„ Last Modified: April 17, 2025, 8:21 p.m.

7.1

CVSS3.1

CVE-2025-23858 - WordPress Custom Users Order Plugin <= 4.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hiren Patel Custom Users Order allows Reflected XSS. This issue affects Custom Users Order: from n/a through 4.2.

๐Ÿ“… Published: April 17, 2025, 3:48 p.m. ๐Ÿ”„ Last Modified: April 17, 2025, 8:21 p.m.
Total resulsts: 291021
Page 23 of 29,103
ยซ previous page ยป next page
Filters