6.5
CVE-2025-22676 - WordPress Upcasted S3 Offload plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in upcasted AWS S3 for WordPress Plugin โ Upcasted upcasted-s3-offload allows Stored XSS.This issue affects AWS S3 for WordPress Plugin โ Upcasted: from n/a through <= 3.0.3.
5.3
CVE-2025-22291 - WordPress LTL Freight Quotes โ Worldwide Express Edition plugin <= 5.0.20 - Arbitrary Content Deletโฆ
Missing Authorization vulnerability in enituretechnology LTL Freight Quotes โ Worldwide Express Edition ltl-freight-quotes-worldwide-express-edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes โ Worldwide Express Edition: from n/a thโฆ
9.3
CVE-2025-22290 - WordPress LTL Freight Quotes โ FreightQuote Edition Plugin <= 2.3.11 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in enituretechnology LTL Freight Quotes โ FreightQuote Edition ltl-freight-quotes-freightquote-edition allows SQL Injection.This issue affects LTL Freight Quotes โ FreightQuote Edition: from n/a throuโฆ
6.5
CVE-2025-22289 - WordPress LTL Freight Quotes โ Unishippers Edition plugin <= 2.5.8 - Broken Access Control vulnerabโฆ
Missing Authorization vulnerability in enituretechnology LTL Freight Quotes โ Unishippers Edition ltl-freight-quotes-unishippers-edition allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LTL Freight Quotes โ Unishippers Edition: from n/a through <= 2.5.8.
7.1
CVE-2025-22286 - WordPress LTL Freight Quotes โ Worldwide Express Edition plugin <= 5.0.21 - Reflected Cross Site Scโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology LTL Freight Quotes โ Worldwide Express Edition ltl-freight-quotes-worldwide-express-edition allows Reflected XSS.This issue affects LTL Freight Quotes โ Worldwide Express Edition:โฆ
7.1
CVE-2025-22284 - WordPress LTL Freight Quotes โ Unishippers Edition plugin <= 2.5.8 - Reflected Cross Site Scriptingโฆ
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology LTL Freight Quotes โ Unishippers Edition ltl-freight-quotes-unishippers-edition allows Reflected XSS.This issue affects LTL Freight Quotes โ Unishippers Edition: from n/a through โฆ
7.1
CVE-2024-44044 - WordPress Oshine Modules plugin < 3.3.8 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandexponents Oshine Modules oshine-modules allows Reflected XSS.This issue affects Oshine Modules: from n/a through < 3.3.8.
5.1
CVE-2025-1360 - Internet Web Solutions Sublime CRM HTTP POST Request inicio.php cross site scripting
A vulnerability, which was classified as problematic, was found in Internet Web Solutions Sublime CRM up to 20250207. Affected is an unknown function of the file /crm/inicio.php of the component HTTP POST Request Handler. The manipulation of the argument msg_to leads to cross site scripting. It is โฆ
5.3
CVE-2025-1359 - SIAM Industria de Automaรงรฃo e Monitoramento qrcode.jsp cross site scripting
A vulnerability, which was classified as problematic, has been found in SIAM Industria de Automaรงรฃo e Monitoramento SIAM 2.0. This issue affects some unknown processing of the file /qrcode.jsp. The manipulation of the argument url leads to cross site scripting. The attack may be initiated remotely.โฆ
5.3
CVE-2025-1358 - Pix Software Vivaz cross-site request forgery
A vulnerability classified as problematic was found in Pix Software Vivaz 6.0.10. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contactโฆ