0.0
CVE-2025-31410 - WordPress WP Church Donation plugin <= 1.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Ashish Ajani WP Church Donation wp-church-donation allows Cross Site Request Forgery.This issue affects WP Church Donation: from n/a through <= 1.7.
5.1
CVE-2025-2983 - Legrand SMS PowerView os command injection
A vulnerability has been found in Legrand SMS PowerView 1.x and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument redirect leads to os command injection. The exploit has been disclosed to the public and may be used. The vendor was cβ¦
7.5
CVE-2025-2586 - Ols: unauthenticated metrics flooding in openshift lightspeed service leading to resource exhaustion
A flaw was found in the OpenShift Lightspeed Service, which is vulnerable to unauthenticated API request flooding. Repeated queries to non-existent endpoints inflate metrics storage and processing, consuming excessive resources. This issue can lead to monitoring system degradation, increased disk uβ¦
5.3
CVE-2025-2982 - Legrand SMS PowerView file inclusion
A vulnerability, which was classified as critical, was found in Legrand SMS PowerView 1.x. Affected is an unknown function. The manipulation of the argument redirect leads to file inclusion. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. β¦
5.1
CVE-2025-2981 - Legrand SMS PowerView cross site scripting
A vulnerability, which was classified as problematic, has been found in Legrand SMS PowerView 1.x. This issue affects some unknown processing. The manipulation of the argument redirect leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public β¦
5.3
CVE-2025-3019 - Cross-site scripting vulnerabilities in KNIME Business Hub web pages
KNIME Business Hub is affected by several cross-site scripting vulnerabilities in its web pages. If a user clicks on a malicious link or opens a malicious web page, arbitrary Java Script may be executed with this user's permissions. This can lead to information loss and/or modification of existing β¦
5.1
CVE-2025-2980 - Legrand SMS PowerView redirect
A vulnerability classified as problematic was found in Legrand SMS PowerView 1.x. This vulnerability affects unknown code. The manipulation of the argument redirect leads to open redirect. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendorβ¦
8.8
CVE-2025-2402 - Hard-coded password for object store of KNIME Business Hub
A hard-coded, non-random password for the object store (minio) of KNIME Business Hub in all versions except the ones listed below allows an unauthenticated remote attacker in possession of the password to read and manipulate swapped jobs or read and manipulate in- and output data of active jobs. Itβ¦
0.0
CVE-2025-31414 - WordPress Cost Calculator Builder plugin <= 3.2.65 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stylemix Cost Calculator Builder cost-calculator-builder allows Stored XSS.This issue affects Cost Calculator Builder: from n/a through <= 3.2.65.
0.0
CVE-2025-31412 - WordPress JetProductGallery plugin <= 2.1.22 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetProductGallery jet-woo-product-gallery allows DOM-Based XSS.This issue affects JetProductGallery: from n/a through <= 2.1.22.