5.5
CVE-2025-0218 - pgAgent scheduled batch job scripts are created in a predictable temporary directory potentially alβ¦
When batch jobs are executed by pgAgent, a script is created in a temporary directory and then executed. In versions of pgAgent prior to 4.2.3, an insufficiently seeded random number generator is used when generating the directory name, leading to the possibility for a local attacker to pre-create β¦
5.3
CVE-2025-0301 - code-projects Online Book Shop subcat.php cross site scripting
A vulnerability, which was classified as problematic, has been found in code-projects Online Book Shop 1.0. Affected by this issue is some unknown functionality of the file /subcat.php. The manipulation of the argument catnm leads to cross site scripting. The attack may be launched remotely. The exβ¦
7.2
CVE-2024-54007 - Authenticated Remote Command Injection Vulnerability in the Web Interface of a 501 Wireless Client β¦
Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities result in the ability of an attacker to execute arbitrary commands as a privileged useβ¦
7.2
CVE-2024-54006 - Authenticated Remote Command Injection Vulnerability in the Web Interface of a 501 Wireless Client β¦
Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities result in the ability of an attacker to execute arbitrary commands as a privileged useβ¦
5.3
CVE-2025-0300 - code-projects Online Book Shop subcat.php sql injection
A vulnerability classified as critical was found in code-projects Online Book Shop 1.0. Affected by this vulnerability is an unknown functionality of the file /subcat.php. The manipulation of the argument cat leads to sql injection. The attack can be launched remotely. The exploit has been discloseβ¦
5.3
CVE-2025-22306 - WordPress Link Whisper Free plugin <= 0.7.7 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in Spencer Haws Link Whisper Free link-whisper.This issue affects Link Whisper Free: from n/a through <= 0.7.7.
5.3
CVE-2025-22363 - WordPress Allada T-shirt Designer for Woocommerce plugin <= 1.1 - Broken Access Control vulnerabiliβ¦
Missing Authorization vulnerability in Hermann LAHAMI Allada T-shirt Designer for Woocommerce allada-tshirt-designer-for-woocommerce.This issue affects Allada T-shirt Designer for Woocommerce: from n/a through <= 1.1.
6.5
CVE-2025-22296 - WordPress Hash Elements plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hashthemes Hash Elements hash-elements.This issue affects Hash Elements: from n/a through <= 1.5.0.
4.3
CVE-2025-22319 - WordPress MashShare plugin <= 4.0.47 - Broken Access Control vulnerability
Missing Authorization vulnerability in DearHive Social Media Share Buttons | MashShare.This issue affects Social Media Share Buttons | MashShare: from n/a through 4.0.47.
6.5
CVE-2025-22334 - WordPress Education LMS theme <= 0.0.7 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FilaThemes Education LMS allows Stored XSS.This issue affects Education LMS: from n/a through 0.0.7.