9.8

CVSS3.1

CVE-2025-39349 - WordPress CiyaShop theme <= 4.18.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Potenzaglobalsolutions CiyaShop ciyashop allows Object Injection.This issue affects CiyaShop: from n/a through <= 4.18.0.

๐Ÿ“… Published: May 19, 2025, 7:51 p.m. ๐Ÿ”„ Last Modified: April 23, 2026, 3:29 p.m.

8.2

CVSS3.1

CVE-2025-39350 - WordPress wProject theme < 5.8.0 - Unauthenticated Post/Comment/Attachment Modification/Deletion vuโ€ฆ

Missing Authorization vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0.

๐Ÿ“… Published: May 19, 2025, 7:50 p.m. ๐Ÿ”„ Last Modified: April 28, 2026, 4:12 p.m.

8.2

CVSS3.1

CVE-2025-39352 - WordPress Grand Restaurant WordPress theme <= 7.0 - Arbitrary Options Deletion vulnerability

Missing Authorization vulnerability in ThemeGoods Grand Restaurant grandrestaurant allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Grand Restaurant: from n/a through <= 7.0.

๐Ÿ“… Published: May 19, 2025, 7:49 p.m. ๐Ÿ”„ Last Modified: April 23, 2026, 3:29 p.m.

9.8

CVSS3.1

CVE-2025-39354 - WordPress Grand Conference theme <= 5.3 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Conference grandconference allows Object Injection.This issue affects Grand Conference: from n/a through <= 5.3.

๐Ÿ“… Published: May 19, 2025, 7:48 p.m. ๐Ÿ”„ Last Modified: April 23, 2026, 3:29 p.m.

8.5

CVSS3.1

CVE-2025-39355 - WordPress FAT Services Booking plugin <= 5.6 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in roninwp FAT Services Booking fat-services-booking allows SQL Injection.This issue affects FAT Services Booking: from n/a through <= 5.6.

๐Ÿ“… Published: May 19, 2025, 7:46 p.m. ๐Ÿ”„ Last Modified: April 23, 2026, 3:29 p.m.

9.8

CVSS3.1

CVE-2025-39356 - WordPress Foodbakery Sticky Cart plugin <= 3.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Chimpstudio Foodbakery Sticky Cart foodbakery-sticky-cart allows Object Injection.This issue affects Foodbakery Sticky Cart: from n/a through <= 3.2.

๐Ÿ“… Published: May 19, 2025, 7:45 p.m. ๐Ÿ”„ Last Modified: April 23, 2026, 3:29 p.m.

8.5

CVSS3.1

CVE-2025-39357 - WordPress Hospital Management System plugin <= 47.0(20-11-2023) - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla Hospital Management System hospital-management allows SQL Injection.This issue affects Hospital Management System: from n/a through <= 47.0(20-11-2023).

๐Ÿ“… Published: May 19, 2025, 7:43 p.m. ๐Ÿ”„ Last Modified: April 23, 2026, 3:29 p.m.

5.3

CVSS3.1

CVE-2025-46441 - WordPress Section Widget plugin <= 3.3.1 - Path Traversal vulnerability

Path Traversal: '.../...//' vulnerability in ctltwp Section Widget section-widget allows Path Traversal.This issue affects Section Widget: from n/a through <= 3.3.1.

๐Ÿ“… Published: May 19, 2025, 7:42 p.m. ๐Ÿ”„ Last Modified: April 23, 2026, 3:29 p.m.

7.1

CVSS3.1

CVE-2025-39365 - WordPress wProject theme < 5.8.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rocket Apps wProject allows Reflected XSS.This issue affects wProject: from n/a before 5.8.0.

๐Ÿ“… Published: May 19, 2025, 7:40 p.m. ๐Ÿ”„ Last Modified: April 28, 2026, 4:12 p.m.

8.8

CVSS3.1

CVE-2025-39366 - WordPress wProject theme < 5.8.0 - Subscriber+ Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0.

๐Ÿ“… Published: May 19, 2025, 7:39 p.m. ๐Ÿ”„ Last Modified: April 28, 2026, 4:12 p.m.
Total resulsts: 349182
Page 5327 of 34,919
ยซ previous page ยป next page
Filters