8.4

CVSS4.0

CVE-2025-1308 - PX Backup Improper Sanitization Vulnerability

A vulnerability exists in PX Backup whereby sensitive information may be logged under specific conditions.

πŸ“… Published: May 19, 2025, 9:18 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.9

CVSS3.1

CVE-2025-3223 - WorkstationST EGD Configuration Server Path Traversal Vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in GE Vernova WorkstationST on Windows (EGD Configuration Server modules) allows Path Traversal.This issue affects WorkstationST: WorkstationST V07.10.10C and earlier.

πŸ“… Published: May 19, 2025, 9:03 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2025-48340 - WordPress User Profile Meta Manager plugin <= 1.02 - CSRF to Privilege Escalation vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Danny Vink User Profile Meta Manager user-profile-meta allows Privilege Escalation.This issue affects User Profile Meta Manager: from n/a through <= 1.02.

πŸ“… Published: May 19, 2025, 8:33 p.m. πŸ”„ Last Modified: April 23, 2026, 3:31 p.m.

7.1

CVSS3.1

CVE-2025-31027 - WordPress Tiger theme <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jocoxdesign Tiger tiger allows Reflected XSS.This issue affects Tiger: from n/a through 2.0.

πŸ“… Published: May 19, 2025, 7:59 p.m. πŸ”„ Last Modified: April 28, 2026, 4:12 p.m.

8.5

CVSS3.1

CVE-2025-32924 - WordPress Revy plugin <= 2.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in roninwp Revy revy allows SQL Injection.This issue affects Revy: from n/a through <= 2.1.

πŸ“… Published: May 19, 2025, 7:57 p.m. πŸ”„ Last Modified: April 23, 2026, 3:29 p.m.

8.3

CVSS3.1

CVE-2025-32925 - WordPress SUMO Reward Points plugin <= 30.7.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FantasticPlugins SUMO Reward Points rewardsystem allows PHP Local File Inclusion.This issue affects SUMO Reward Points: from n/a through <= 30.7.0.

πŸ“… Published: May 19, 2025, 7:56 p.m. πŸ”„ Last Modified: April 23, 2026, 3:29 p.m.

9.8

CVSS3.1

CVE-2025-32926 - WordPress Grand Restaurant WordPress theme <= 7.0 - Path Traversal to PHP Object Injection vulnerab…

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Path Traversal.This issue affects Grand Restaurant: from n/a through <= 7.0.

πŸ“… Published: May 19, 2025, 7:55 p.m. πŸ”„ Last Modified: April 23, 2026, 3:29 p.m.

9.8

CVSS3.1

CVE-2025-32927 - WordPress FoodBakery plugin <= 3.3 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Chimpstudio FoodBakery wp-foodbakery allows Object Injection.This issue affects FoodBakery: from n/a through <= 3.3.

πŸ“… Published: May 19, 2025, 7:54 p.m. πŸ”„ Last Modified: April 23, 2026, 3:29 p.m.

9.8

CVSS3.1

CVE-2025-32928 - WordPress Altair theme <= 5.2.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeGoods Altair altair allows Object Injection.This issue affects Altair: from n/a through <= 5.2.2.

πŸ“… Published: May 19, 2025, 7:53 p.m. πŸ”„ Last Modified: April 23, 2026, 3:29 p.m.

9.8

CVSS3.1

CVE-2025-39348 - WordPress Grand Restaurant WordPress theme <= 7.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Object Injection.This issue affects Grand Restaurant: from n/a through <= 7.0.

πŸ“… Published: May 19, 2025, 7:52 p.m. πŸ”„ Last Modified: April 23, 2026, 3:29 p.m.
Total resulsts: 349182
Page 5326 of 34,919
Β« previous page Β» next page
Filters