8.5

CVSS3.1

CVE-2025-26976 - WordPress PrivateContent plugin <= 8.11.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aldo Latino PrivateContent. This issue affects PrivateContent: from n/a through 8.11.4.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 18, 2025, 4:11 p.m.

7.1

CVSS3.1

CVE-2025-26972 - WordPress PrivateContent plugin <= 8.11.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound PrivateContent. This issue affects PrivateContent: from n/a through 8.11.5.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 18, 2025, 4:12 p.m.

8.3

CVSS3.1

CVE-2025-26969 - WordPress PrivateContent plugin <= 8.11.5 - Subscriber+ Site Wide Broken Access Control vulnerabili…

Missing Authorization vulnerability in Aldo Latino PrivateContent. This issue affects PrivateContent: from n/a through 8.11.5.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 18, 2025, 4:13 p.m.

8.6

CVSS3.1

CVE-2025-26961 - WordPress Fresh Framework plugin <= 1.70.0 - Unauthenticated Broken Access Control vulnerability

Missing Authorization vulnerability in NotFound Fresh Framework allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Fresh Framework: from n/a through 1.70.0.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 18, 2025, 4:14 p.m.

6.3

CVSS3.1

CVE-2025-26940 - WordPress Pie Register Premium plugin <= 3.8.3.2 - Path Traversal to Non-Arbitrary File Deletion vu…

Path Traversal vulnerability in NotFound Pie Register Premium. This issue affects Pie Register Premium: from n/a through 3.8.3.2.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 18, 2025, 4:15 p.m.

6.5

CVSS3.1

CVE-2025-26924 - WordPress Ohio Theme Extra plugin <= 3.4.7 - Shortcode Injection vulnerability

Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Ohio Extra allows Code Injection. This issue affects Ohio Extra: from n/a through 3.4.7.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 18, 2025, 4:16 p.m.

8.8

CVSS3.1

CVE-2025-26921 - WordPress Booking and Rental Manager Plugin <= 2.2.6 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager allows Object Injection. This issue affects Booking and Rental Manager: from n/a through 2.2.6.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 18, 2025, 4:16 p.m.

6.5

CVSS3.1

CVE-2025-26899 - WordPress Recapture for WooCommerce Plugin <= 1.0.43 - CSRF to Settings Change vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Recapture Cart Recovery and Email Marketing Recapture for WooCommerce allows Cross Site Request Forgery. This issue affects Recapture for WooCommerce: from n/a through 1.0.43.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 17, 2025, 4:10 p.m.

6.5

CVSS3.1

CVE-2025-26895 - WordPress m1.DownloadList plugin <= 0.19 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in maennchen1.de m1.DownloadList allows DOM-Based XSS. This issue affects m1.DownloadList: from n/a through 0.19.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 17, 2025, 4:10 p.m.

7.6

CVSS3.1

CVE-2025-26886 - WordPress PublishPress Authors plugin <= 4.7.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PublishPress PublishPress Authors allows SQL Injection. This issue affects PublishPress Authors: from n/a through 4.7.3.

πŸ“… Published: March 15, 2025, 9:57 p.m. πŸ”„ Last Modified: March 17, 2025, 4:11 p.m.
Total resulsts: 285661
Page 25 of 28,567
Β« previous page Β» next page
Filters