7.5
CVE-2025-8980 - Tenda G1 Firmware Update check_upload_file data authenticity
A vulnerability has been found in Tenda G1 16.01.7.8(3660). Affected by this issue is the function check_upload_file of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack may be launched remotely. The complexity of an attack iβ¦
7.5
CVE-2025-8979 - Tenda AC15 Firmware Update check_fw data authenticity
A vulnerability was identified in Tenda AC15 15.13.07.13. Affected by this vulnerability is the function check_fw_type/split_fireware/check_fw of the component Firmware Update Handler. The manipulation leads to insufficient verification of data authenticity. The attack can be launched remotely. Theβ¦
7.5
CVE-2025-8978 - D-Link DIR-619L boa FirmwareUpgrade data authenticity
A vulnerability was determined in D-Link DIR-619L 6.02CN02. Affected is the function FirmwareUpgrade of the component boa. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitaβ¦
5.1
CVE-2025-8976 - givanz Vvveb Endpoint post cross site scripting
A vulnerability has been found in givanz Vvveb up to 1.0.5. This vulnerability affects unknown code of the file /vadmin123/index.php?module=content/post&type=post of the component Endpoint. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been diβ¦
5.1
CVE-2025-8975 - givanz Vvveb edit.tpl cross site scripting
A vulnerability was identified in givanz Vvveb up to 1.0.5. This affects an unknown part of the file admin/template/content/edit.tpl. The manipulation of the argument slug leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public andβ¦
7.1
CVE-2025-52765 - WordPress NetInsight Analytics Implementation Plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) Vβ¦
Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight Analytics Implementation Plugin netinsight-analytics-implementation-plugin allows Stored XSS.This issue affects NetInsight Analytics Implementation Plugin: from n/a through <= 1.0.3.
4.3
CVE-2025-52767 - WordPress NetInsight Analytics Implementation Plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) Vβ¦
Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight Analytics Implementation Plugin netinsight-analytics-implementation-plugin allows Cross Site Request Forgery.This issue affects NetInsight Analytics Implementation Plugin: from n/a through <= 1.0.3.
4.3
CVE-2025-52769 - WordPress flexo-social-gallery Plugin <= 1.0006 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in flexostudio flexo-social-gallery flexo-social-gallery allows Cross Site Request Forgery.This issue affects flexo-social-gallery: from n/a through <= 1.0006.
6.5
CVE-2025-52771 - WordPress Video Expander Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bcupham Video Expander video-expander allows Stored XSS.This issue affects Video Expander: from n/a through <= 1.0.
8.2
CVE-2025-52797 - WordPress StoryMap Plugin <= 2.1 - Cross Site Request Forgery (CSRF) Vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in josepsitjar StoryMap wp-storymap allows SQL Injection.This issue affects StoryMap: from n/a through <= 2.1.