0.0
CVE-2025-31386 - WordPress Simple:Press plugin <= 6.11.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in simplepress Simple:Press simplepress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple:Press: from n/a through <= 6.11.5.
6.9
CVE-2025-2989 - Tenda FH1202 Web Management Interface AdvSetWrl access control
A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been declared as critical. This vulnerability affects unknown code of the file /goform/AdvSetWrl of the component Web Management Interface. The manipulation leads to improper access controls. The attack can be initiated remotely. The eβ¦
0.0
CVE-2025-30961 - WordPress Trackserver plugin <= 5.1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tinuzz Trackserver trackserver allows DOM-Based XSS.This issue affects Trackserver: from n/a through <= 5.1.0.
0.0
CVE-2025-3023 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.3
CVE-2025-2985 - code-projects Payroll Management System update_account.php sql injection
A vulnerability was found in code-projects Payroll Management System 1.0. It has been classified as critical. This affects an unknown part of the file update_account.php. The manipulation of the argument deduction leads to sql injection. It is possible to initiate the attack remotely. The exploit hβ¦
0.0
CVE-2025-31406 - WordPress ELEX WooCommerce Request a Quote plugin <= 2.3.9 - Broken Access Control vulnerability
Missing Authorization vulnerability in ELEXtensions ELEX WooCommerce Request a Quote elex-request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ELEX WooCommerce Request a Quote: from n/a through <= 2.3.9.
5.1
CVE-2025-2072 - Reflected Cross-Site Scripting (XSS) Vulnerability in FAST LTA Silent Brick WebUI
A Reflected Cross-Site Scripting (XSS) vulnerability has been discovered in FAST LTA Silent Brick WebUI, allowing attackers to inject malicious JavaScript code into web pages viewed by users. This issue arises when user-supplied input is improperly handled and reflected directly in the output of a β¦
10
CVE-2025-2071 - OS Command Injection Vulnerability in FAST LTA Silent Brick WebUI
A critical OS Command Injection vulnerability has been identified in the FAST LTA Silent Brick WebUI, allowing remote attackers to execute arbitrary operating system commands via specially crafted input. This vulnerability arises due to improper handling of untrusted input, which is passed directlyβ¦
5.3
CVE-2025-2984 - code-projects Payroll Management System delete.php sql injection
A vulnerability was found in code-projects Payroll Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /delete.php. The manipulation of the argument emp_id leads to sql injection. The attack may be launched remotely. The exploit has beeβ¦
0.0
CVE-2025-31410 - WordPress WP Church Donation plugin <= 1.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Ashish Ajani WP Church Donation wp-church-donation allows Cross Site Request Forgery.This issue affects WP Church Donation: from n/a through <= 1.7.