0.0

CVE-2025-46434 - WordPress The Plus Addons for Elementor Pro plugin < 6.3.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in POSIMYTH Innovation The Plus Addons for Elementor Pro theplus_elementor_addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Plus Addons for Elementor Pro: from n/a through < 6.3.7.

πŸ“… Published: Jan. 7, 2026, 12:35 p.m. πŸ”„ Last Modified: April 23, 2026, 3:29 p.m.

6.4

CVSS3.1

CVE-2025-46256 - WordPress Advanced Database Cleaner PRO Plugin <= 3.2.10 - Limited .txt Path Traversal vulnerability

Path Traversal: '.../...//' vulnerability in SigmaPlugin Advanced Database Cleaner PRO allows Path Traversal.This issue affects Advanced Database Cleaner PRO: from n/a through 3.2.10.

πŸ“… Published: Jan. 7, 2026, 12:34 p.m. πŸ”„ Last Modified: April 28, 2026, 4:12 p.m.

9.3

CVSS3.1

CVE-2025-32303 - WordPress WPCHURCH plugin <= 2.7.0 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mojoomla WPCHURCH allows Blind SQL Injection.This issue affects WPCHURCH: from n/a through 2.7.0.

πŸ“… Published: Jan. 7, 2026, 12:32 p.m. πŸ”„ Last Modified: April 28, 2026, 4:12 p.m.

3.2

CVSS3.1

CVE-2026-25211 - llamastack/llama-stack: Sensitive Information Exposure Through Log Files in Llama Stack PGVector In…

Llama Stack (aka llama-stack) before 0.4.0rc3 does not censor the pgvector password in the initialization log.

πŸ“… Published: Jan. 7, 2026, 12:15 p.m. πŸ”„ Last Modified: April 18, 2026, 2:45 p.m.

7.1

CVSS3.1

CVE-2025-32300 - WordPress DZS Video Gallery plugin <= 12.25 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Digital zoom studio DZS Video Gallery allows Reflected XSS.This issue affects DZS Video Gallery: from n/a through 12.25.

πŸ“… Published: Jan. 7, 2026, 12:06 p.m. πŸ”„ Last Modified: April 28, 2026, 4:12 p.m.

8.8

CVSS3.1

CVE-2025-31643 - WordPress WPCHURCH plugin <= 2.7.0 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Dasinfomedia WPCHURCH allows Privilege Escalation.This issue affects WPCHURCH: from n/a through 2.7.0.

πŸ“… Published: Jan. 7, 2026, 12:05 p.m. πŸ”„ Last Modified: April 28, 2026, 4:12 p.m.

8.1

CVSS3.1

CVE-2025-69080 - WordPress Gecko theme <= 1.9.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in JanStudio Gecko gecko allows PHP Local File Inclusion.This issue affects Gecko: from n/a through <= 1.9.8.

πŸ“… Published: Jan. 7, 2026, 11:59 a.m. πŸ”„ Last Modified: April 23, 2026, 3:36 p.m.

8.1

CVSS3.1

CVE-2025-69081 - WordPress Hope theme <= 3.0.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeREX Hope charity-is-hope allows PHP Local File Inclusion.This issue affects Hope: from n/a through <= 3.0.0.

πŸ“… Published: Jan. 7, 2026, 11:56 a.m. πŸ”„ Last Modified: April 23, 2026, 3:36 p.m.

7.1

CVSS3.1

CVE-2025-69082 - WordPress Arlo theme <= 6.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Frenify Arlo arlo allows Reflected XSS.This issue affects Arlo: from n/a through <= 6.0.3.

πŸ“… Published: Jan. 7, 2026, 11:54 a.m. πŸ”„ Last Modified: April 23, 2026, 3:36 p.m.

4.3

CVSS3.1

CVE-2025-69333 - WordPress JetEngine plugin <= 3.8.1.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through <= 3.8.1.1.

πŸ“… Published: Jan. 7, 2026, 11:52 a.m. πŸ”„ Last Modified: April 23, 2026, 3:36 p.m.
Total resulsts: 349182
Page 2251 of 34,919
Β« previous page Β» next page
Filters