0.0
CVE-2025-31416 - WordPress Awesome Event Booking plugin <= 2.8.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AwesomeTOGI Awesome Event Booking awesome-event-booking allows Reflected XSS.This issue affects Awesome Event Booking: from n/a through <= 2.8.4.
7.1
CVE-2025-31418 - WordPress Gravel theme <= 1.6 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in noonnoo Gravel allows Reflected XSS.This issue affects Gravel: from n/a through 1.6.
0.0
CVE-2025-3269 -
Red Hat Product Security has come to the conclusion that this CVE is not needed.
0.0
CVE-2025-31420 - WordPress wpForo Forum plugin <= 2.4.2 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum wpforo allows Privilege Escalation.This issue affects wpForo Forum: from n/a through <= 2.4.2.
0.0
CVE-2025-31421 - WordPress Srbtranslatin plugin <= 3.2.0 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Oblak Studio Srbtranslatin srbtranslatin allows Retrieve Embedded Sensitive Data.This issue affects Srbtranslatin: from n/a through <= 3.2.0.
4.8
CVE-2025-3189 - Stored Cross-Site Scripting (XSS) in DoWISP
Stored Cross-Site Scripting (XSS) in DoWISP in versions prior to 1.16.2.50, which consists of an stored XSS through the upload of a profile picture in SVG format with malicious Javascript code in it.
5.3
CVE-2025-3245 - itsourcecode Library Management System Forgot.java search sql injection
A vulnerability was found in itsourcecode Library Management System 1.0. It has been rated as critical. Affected by this issue is the function Search of the file library_management/src/Library_Management/Forgot.java. The manipulation of the argument txtuname leads to sql injection. The attack may bβ¦
5.3
CVE-2025-3244 - SourceCodester Web-based Pharmacy Product Management System Create User Page add-admin.php unrestriβ¦
A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /add-admin.php of the component Create User Page. The manipulation of the argument Avatar leads to uβ¦
5.3
CVE-2025-3243 - code-projects Patient Record Management System dental_form.php sql injection
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dental_form.php. The manipulation of the argument itr_no/dental_no leads to sql injection. The attack may be initiated remotely. The exβ¦
5.3
CVE-2025-3242 - PHPGurukul e-Diary Management System search-result.php sql injection
A vulnerability has been found in PHPGurukul e-Diary Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /search-result.php. The manipulation of the argument id/searchdata leads to sql injection. The attack can be initiated remotely. The exploit hasβ¦