6.5

CVSS3.1

CVE-2025-58784 - WordPress ARI Fancy Lightbox Plugin <= 1.4.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through <= 1.4.0.

📅 Published: Sept. 5, 2025, 1:44 p.m. 🔄 Last Modified: April 23, 2026, 3:33 p.m.

4.3

CVSS3.1

CVE-2025-58783 - WordPress Gutentor plugin <= 3.5.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in gutentor Gutentor gutentor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutentor: from n/a through <= 3.5.5.

📅 Published: Sept. 5, 2025, 1:44 p.m. 🔄 Last Modified: April 23, 2026, 3:33 p.m.

5.4

CVSS3.1

CVE-2025-8695 - Reflected XSS in Netcad Software's NetGIS Server

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Netcad NetGIS Server allows Reflected XSS.This issue affects NetGIS Server: from 5.2.4 through 22.08.2025.

📅 Published: Sept. 5, 2025, 1:44 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

3.2

CVSS3.1

CVE-2024-21977 -

Incomplete cleanup after loading a CPU microcode patch may allow a privileged attacker to degrade the entropy of the RDRAND instruction, potentially resulting in loss of integrity for SEV-SNP guests.

📅 Published: Sept. 5, 2025, 12:58 p.m. 🔄 Last Modified: April 15, 2026, 12:35 a.m.

0.0