5.5

CVSS3.1

CVE-2025-5699 - Developer Formatter <= 2015.0.2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via …

The Developer Formatter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom CSS in all versions up to, and including, 2015.0.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level acce…

πŸ“… Published: June 6, 2025, 6:42 a.m. πŸ”„ Last Modified: April 21, 2026, 8:30 p.m.

6.4

CVSS3.1

CVE-2025-5586 - WordPress Ajax Load More and Infinite Scroll <= 1.6.0 - Authenticated (Contributor+) Stored Cross-S…

The WordPress Ajax Load More and Infinite Scroll plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the β€˜id’ parameter in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with …

πŸ“… Published: June 6, 2025, 6:42 a.m. πŸ”„ Last Modified: April 22, 2026, 1:30 a.m.

5.4

CVSS3.1

CVE-2025-5019 - Hive Support <= 1.2.5 - Cross-Site Request Forgery via hs_update_ai_chat_settings Function

The Hive Support | AI-Powered Help Desk, Live Chat & AI Chat Bot Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.5. This is due to missing or incorrect nonce validation on the hs_update_ai_chat_settings() function. This…

πŸ“… Published: June 6, 2025, 6:42 a.m. πŸ”„ Last Modified: April 22, 2026, 4:15 a.m.

6.4

CVSS3.1

CVE-2025-5534 - ESV Bible Shortcode for WordPress <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripti…

The ESV Bible Shortcode for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'esv' shortcode in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for aut…

πŸ“… Published: June 6, 2025, 6:42 a.m. πŸ”„ Last Modified: April 22, 2026, 1:30 a.m.

6.4

CVSS3.1

CVE-2025-5533 - Knowledge Base <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Knowledge Base plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'kbalert' shortcode in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated atta…

πŸ“… Published: June 6, 2025, 6:42 a.m. πŸ”„ Last Modified: April 21, 2026, 8:30 p.m.

4

CVSS3.1

CVE-2024-58114 -

Resource allocation control failure vulnerability in the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability.

πŸ“… Published: June 6, 2025, 6:42 a.m. πŸ”„ Last Modified: July 11, 2025, 2:33 p.m.

6.2

CVSS3.1

CVE-2025-48907 -

Deserialization vulnerability in the IPC module Impact: Successful exploitation of this vulnerability may affect availability.

πŸ“… Published: June 6, 2025, 6:41 a.m. πŸ”„ Last Modified: July 11, 2025, 2:24 p.m.

8.8

CVSS3.1

CVE-2025-48906 -

Authentication bypass vulnerability in the DSoftBus module Impact: Successful exploitation of this vulnerability may affect availability.

πŸ“… Published: June 6, 2025, 6:40 a.m. πŸ”„ Last Modified: July 11, 2025, 2:30 p.m.

8.1

CVSS3.1

CVE-2025-48905 -

Wasm exception capture vulnerability in the arkweb v8 module Impact: Successful exploitation of this vulnerability may cause the failure to capture specific Wasm exception types.

πŸ“… Published: June 6, 2025, 6:38 a.m. πŸ”„ Last Modified: July 11, 2025, 2:29 p.m.

4.4

CVSS3.1

CVE-2025-48904 -

Vulnerability that cards can call unauthorized APIs in the FRS process Impact: Successful exploitation of this vulnerability may affect availability.

πŸ“… Published: June 6, 2025, 6:36 a.m. πŸ”„ Last Modified: July 11, 2025, 2:29 p.m.
Total resulsts: 349182
Page 5157 of 34,919
Β« previous page Β» next page
Filters