7.6
CVE-2025-32122 - WordPress uListing plugin <= 2.2.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix uListing ulisting allows Blind SQL Injection.This issue affects uListing: from n/a through <= 2.2.0.
7.6
CVE-2025-32121 - WordPress Video & Photo Gallery for Ultimate Member plugin <= 1.1.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SuitePlugins Video & Photo Gallery for Ultimate Member gallery-for-ultimate-member allows SQL Injection.This issue affects Video & Photo Gallery for Ultimate Member: from n/a through <= 1.1.3.
7.6
CVE-2025-32120 - WordPress Easy Query β WP Query Builder plugin <= 2.0.4 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in edanzer Easy Query β WP Query Builder easy-query allows Blind SQL Injection.This issue affects Easy Query β WP Query Builder: from n/a through <= 2.0.4.
9.1
CVE-2025-32118 - WordPress CMP β Coming Soon & Maintenance plugin <= 4.1.14 - Remote Code Execution (RCE) vulnerabilβ¦
Unrestricted Upload of File with Dangerous Type vulnerability in NiteoThemes CMP β Coming Soon & Maintenance cmp-coming-soon-maintenance allows Using Malicious Files.This issue affects CMP β Coming Soon & Maintenance: from n/a through <= 4.1.14.
7.1
CVE-2025-32113 - WordPress Libro de Reclamaciones y Quejas plugin <= 1.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Renzo Tejada Libro de Reclamaciones y Quejas libro-de-reclamaciones-y-quejas allows Cross Site Request Forgery.This issue affects Libro de Reclamaciones y Quejas: from n/a through <= 1.0.
7.1
CVE-2025-32112 - WordPress Sidebar Manager Light plugin <= 1.18 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Sidebar Manager Light sidebar-manager-light allows Cross Site Request Forgery.This issue affects Sidebar Manager Light: from n/a through <= 1.18.
7.8
CVE-2025-25178 - GPU DDK - PhysmemWrapExtMem uiSize=0 corrupts kernel memory
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause kernel system memory corruption.
7.1
CVE-2025-0468 - GPU DDK - ui64RobustnessAddress can overwrite Freelist / HWRT (and bypass PMMETA)
Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kerneβ¦
5.1
CVE-2025-3253 - xujiangfei admintwo insertTree cross site scripting
A vulnerability was found in xujiangfei admintwo 1.0 and classified as problematic. This issue affects some unknown processing of the file /ztree/insertTree. The manipulation of the argument Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to β¦
5.1
CVE-2025-3252 - xujiangfei admintwo add cross site scripting
A vulnerability has been found in xujiangfei admintwo 1.0 and classified as problematic. This vulnerability affects unknown code of the file /resource/add. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to thβ¦