9.3
CVE-2025-30807 - WordPress Next-Cart Store to WooCommerce Migration plugin <= 3.9.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Martin Nguyen Next-Cart Store to WooCommerce Migration nextcart-woocommerce-migration allows SQL Injection.This issue affects Next-Cart Store to WooCommerce Migration: from n/a through <= 3.9.4.
7.1
CVE-2025-30778 - WordPress VForm plugin <= 3.1.9 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vikas Ratudi VPSUForm v-form allows Reflected XSS.This issue affects VPSUForm: from n/a through <= 3.1.9.
10
CVE-2025-30580 - WordPress DigiWidgets Image Editor plugin <= 1.10 - Remote Code Execution (RCE) Vulnerability
Improper Control of Generation of Code ('Code Injection') vulnerability in kellydiek DigiWidgets Image Editor digiwidgets-image-editor allows Remote Code Inclusion.This issue affects DigiWidgets Image Editor: from n/a through <= 1.10.
7.1
CVE-2025-30554 - WordPress Frizzly plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Abhishek Kumar Frizzly frizzly allows Reflected XSS.This issue affects Frizzly: from n/a through <= 1.1.0.
4.3
CVE-2025-31753 - WordPress Advanced Speed Increaser Plugin <= 2.2.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Animesh Kumar Advanced Speed Increaser advanced-speed-increaser.This issue affects Advanced Speed Increaser: from n/a through <= 2.2.1.
9.3
CVE-2025-3096 - Clinics Patient Management System SQL Injection
Clinicβs Patient Management System versions 2.0 suffers from a SQL injection vulnerability in the login page.
7.5
CVE-2025-31137 - Remix and React Router allow URL manipulation via Host / X-Forwarded-Host headers
React Router is a multi-strategy router for React bridging the gap from React 18 to React 19. There is a vulnerability in Remix/React Router that affects all Remix 2 and React Router 7 consumers using the Express adapter. Basically, this vulnerability allows anyone to spoof the URL used in an incomβ¦
0.0
CVE-2023-6800 - keycloak-core: Session Fixation
No description is available for this CVE.
5.5
CVE-2025-25041 - Arbitrary File Overwrite in HPE Aruba Networking Virtual Intranet Access (VIA) Microsoft Windows Clβ¦
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM (root). A successful exploit could allow the creation of a Denial-of-Service (DoS) condition affecting the Microsoft Windows Operating Sysβ¦
8.1
CVE-2025-31132 - Raven allows Remote Code Execution due to improper validation
Raven is an open-source messaging platform. A vulnerability allowed any logged in user to execute code via an API endpoint. This vulnerability is fixed in 2.1.10.