6.4
CVE-2025-8313 - Campus Directory <= 1.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_mβ¦
The Campus Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the βnoaccess_msgβ parameter in all versions up to, and including, 1.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level β¦
7.2
CVE-2025-7050 - Use-your-Drive | Google Drive plugin for WordPress <= 3.3.1- Unauthenticated Stored Cross-Site Scriβ¦
The Use-your-Drive | Google Drive plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' parameter in file metadata in all versions up to, and including, 3.3.1 due to insufficient input sanitization and output escaping. This makes it possible for attaβ¦
6.4
CVE-2025-8315 - WP Easy Contact <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msβ¦
The WP Easy Contact plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the βnoaccess_msgβ parameter in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level aβ¦
6.3
CVE-2025-8549 - atjiu pybbs UserAdminController.java update weak password
A vulnerability was found in atjiu pybbs up to 6.0.0. It has been classified as critical. Affected is the function update of the file src/main/java/co/yiiu/pybbs/controller/admin/UserAdminController.java. The manipulation leads to weak password requirements. It is possible to launch the attack remoβ¦
0.0
CVE-2025-55023 -
Not used
0.0
CVE-2025-55024 -
Not used
0.0
CVE-2025-55025 -
Not used
0.0
CVE-2025-55026 -
Not used
0.0
CVE-2025-55027 -
Not used
0.0
CVE-2025-55019 -
Not used