8.5

CVSS3.1

CVE-2025-27281 - WordPress All In Menu Plugin <= 1.1.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in cookforweb All In Menu allows Blind SQL Injection. This issue affects All In Menu: from n/a through 1.1.5.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 17, 2025, 4:09 p.m.

8.5

CVSS3.1

CVE-2025-26978 - WordPress FS Poster plugin <= 6.5.8 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound FS Poster. This issue affects FS Poster: from n/a through 6.5.8.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 17, 2025, 4:09 p.m.

8.5

CVSS3.1

CVE-2025-26976 - WordPress PrivateContent plugin <= 8.11.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aldo Latino PrivateContent. This issue affects PrivateContent: from n/a through 8.11.4.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 18, 2025, 4:11 p.m.

7.1

CVSS3.1

CVE-2025-26972 - WordPress PrivateContent plugin <= 8.11.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound PrivateContent. This issue affects PrivateContent: from n/a through 8.11.5.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 18, 2025, 4:12 p.m.

8.3

CVSS3.1

CVE-2025-26969 - WordPress PrivateContent plugin <= 8.11.5 - Subscriber+ Site Wide Broken Access Control vulnerabili…

Missing Authorization vulnerability in Aldo Latino PrivateContent. This issue affects PrivateContent: from n/a through 8.11.5.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 18, 2025, 4:13 p.m.

8.6

CVSS3.1

CVE-2025-26961 - WordPress Fresh Framework plugin <= 1.70.0 - Unauthenticated Broken Access Control vulnerability

Missing Authorization vulnerability in NotFound Fresh Framework allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Fresh Framework: from n/a through 1.70.0.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 18, 2025, 4:14 p.m.

6.3

CVSS3.1

CVE-2025-26940 - WordPress Pie Register Premium plugin <= 3.8.3.2 - Path Traversal to Non-Arbitrary File Deletion vu…

Path Traversal vulnerability in NotFound Pie Register Premium. This issue affects Pie Register Premium: from n/a through 3.8.3.2.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 18, 2025, 4:15 p.m.

6.5

CVSS3.1

CVE-2025-26924 - WordPress Ohio Theme Extra plugin <= 3.4.7 - Shortcode Injection vulnerability

Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Ohio Extra allows Code Injection. This issue affects Ohio Extra: from n/a through 3.4.7.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 18, 2025, 4:16 p.m.

8.8

CVSS3.1

CVE-2025-26921 - WordPress Booking and Rental Manager Plugin <= 2.2.6 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager allows Object Injection. This issue affects Booking and Rental Manager: from n/a through 2.2.6.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 18, 2025, 4:16 p.m.

6.5

CVSS3.1

CVE-2025-26899 - WordPress Recapture for WooCommerce Plugin <= 1.0.43 - CSRF to Settings Change vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Recapture Cart Recovery and Email Marketing Recapture for WooCommerce allows Cross Site Request Forgery. This issue affects Recapture for WooCommerce: from n/a through 1.0.43.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 17, 2025, 4:10 p.m.
Total resulsts: 285663
Page 25 of 28,567
Β« previous page Β» next page
Filters