7.1
CVE-2025-52787 - WordPress Tennis Court Bookings plugin <= 1.2.7 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EZiHosting Tennis Court Bookings tennis-court-bookings allows Reflected XSS.This issue affects Tennis Court Bookings: from n/a through <= 1.2.7.
7.5
CVE-2025-52803 - WordPress Sala theme <= 1.1.3 - Broken Access Control Vulnerability
Missing Authorization vulnerability in uxper Sala allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Sala: from n/a through 1.1.3.
7.5
CVE-2025-52804 - WordPress Nuss theme <= 1.3.7.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in uxper Nuss nuss allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Nuss: from n/a through <= 1.3.7.1.
8.5
CVE-2025-52819 - WordPress Pakke EnvΓos plugin <= 1.0.2 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in pakkemx Pakke EnvΓos pakke allows SQL Injection.This issue affects Pakke EnvΓos: from n/a through <= 1.0.2.
9.8
CVE-2025-52836 - WordPress The E-Commerce ERP <= 2.1.1.3 - Privilege Escalation Vulnerability
Incorrect Privilege Assignment vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP profitori allows Privilege Escalation.This issue affects The E-Commerce ERP: from n/a through <= 2.1.1.3.
8.7
CVE-2025-53757 - Insecure Cookie Flags Vulnerability in Digisol DG-GR6821AC Router
This vulnerability exists in Digisol DG-GR6821AC Router due to misconfiguration of both Secure and HttpOnly flags on session cookies associated with the router web interface. A remote attacker could exploit this vulnerability by capturing the session cookies transmitted over an unsecure HTTP connecβ¦
8.7
CVE-2025-53756 - Cleartext Transmission Vulnerability in Digisol DG-GR6821AC Router
This vulnerability exists in Digisol DG-GR6821AC Router due to cleartext transmission of credentials in its web management interface. A remote attacker could exploit this vulnerability by intercepting the network traffic and capturing cleartext credentials. Successful exploitation of this vulneraβ¦
5.1
CVE-2025-53755 - Cleartext Storage Vulnerability in Digisol DG-GR6821AC Router
This vulnerability exists in Digisol DG-GR6821AC Router due to storage of credentials and PINS without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the unencrypted data β¦
8.9
CVE-2024-9408 -
In Eclipse GlassFish since version 6.2.5 it is possible to perform a Server Side Request Forgery attack in specific endpoints.
5.1
CVE-2025-53754 - Hard-coded Credentials Vulnerability in Digisol DG-GR6821AC Router
This vulnerability exists in Digisol DG-GR6821AC Router due to hard-coded Root Access Credentials in system configuration of the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing the binary data to obtain the stored root acceβ¦