6.5
CVE-2025-22821 - WordPress StorePress theme <= 1.0.12 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vfthemes StorePress storepress allows DOM-Based XSS.This issue affects StorePress: from n/a through <= 1.0.12.
6.5
CVE-2025-22822 - WordPress wp custom countdown Plugin <= 2.8 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bishawjit-das wp custom countdown wp-custom-countdown allows Stored XSS.This issue affects wp custom countdown: from n/a through <= 2.8.
6.5
CVE-2025-22823 - WordPress Genesis Style Shortcodes Plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jtwerdy Genesis Style Shortcodes genesis-style-shortcodes allows DOM-Based XSS.This issue affects Genesis Style Shortcodes: from n/a through <= 1.0.
6.5
CVE-2025-22824 - WordPress Live Flight Radar Plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lucia.intelisano Live Flight Radar live-flight-radar allows Stored XSS.This issue affects Live Flight Radar: from n/a through <= 1.0.
6.5
CVE-2025-22826 - WordPress Sell Digital Downloads plugin <= 2.2.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpecommerce Sell Digital Downloads sell-digital-downloads allows Stored XSS.This issue affects Sell Digital Downloads: from n/a through <= 2.2.7.
6.5
CVE-2025-22827 - WordPress WP Joomag plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in joomag WP Joomag wp-joomag allows DOM-Based XSS.This issue affects WP Joomag: from n/a through <= 2.5.2.
3.7
CVE-2024-10106 - Ember ZNet buffer overflow in 'packet handoff' plugin
A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer.
8.2
CVE-2023-24012 - Data Distribution Service (DDS) Chain of Trust (CoT) violation vulnerability in Open DDS
An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificateโs validation. This is caused by a non-comโฆ
8.2
CVE-2023-24011 - Data Distribution Service (DDS) Chain of Trust (CoT) violation vulnerability in Cyclone DDS
An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificateโs validation. This is caused by a non-comโฆ
8.2
CVE-2023-24010 - Data Distribution Service (DDS) Chain of Trust (CoT) violation in Fast DDS
An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificateโs validation. This is caused by a non-comโฆ