5.3

CVSS4.0

CVE-2025-2337 - tbeu matio mat.c Mat_VarPrint heap-based overflow

A vulnerability, which was classified as critical, has been found in tbeu matio 1.5.28. This issue affects the function Mat_VarPrint of the file src/mat.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and ma…

πŸ“… Published: March 16, 2025, 9:31 a.m. πŸ”„ Last Modified: March 17, 2025, 3:15 p.m.

3.5

CVSS3.1

CVE-2025-1624 - GDPR Cookie Compliance < 4.15.9 - Admin+ Stored XSS

The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

πŸ“… Published: March 16, 2025, 6 a.m. πŸ”„ Last Modified: March 17, 2025, 6:15 p.m.

3.5

CVSS3.1

CVE-2025-1623 - GDPR Cookie Compliance < 4.15.9 - Admin+ Stored XSS

The GDPR Cookie Compliance WordPress plugin before 4.15.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

πŸ“… Published: March 16, 2025, 6 a.m. πŸ”„ Last Modified: March 17, 2025, 6:15 p.m.

3.5

CVSS3.1

CVE-2025-1622 - GDPR Cookie Compliance < 4.15.7 - Admin+ Stored XSS

The GDPR Cookie Compliance WordPress plugin before 4.15.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

πŸ“… Published: March 16, 2025, 6 a.m. πŸ”„ Last Modified: March 17, 2025, 7:15 p.m.

4.8

CVSS3.1

CVE-2025-1621 - GDPR Cookie Compliance < 4.15.7 - Admin+ Stored XSS

The GDPR Cookie Compliance WordPress plugin before 4.15.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

πŸ“… Published: March 16, 2025, 6 a.m. πŸ”„ Last Modified: March 17, 2025, 4:15 p.m.

4.8

CVSS3.1

CVE-2025-1620 - GDPR Cookie Compliance < 4.15.7 - Admin+ Stored XSS

The GDPR Cookie Compliance WordPress plugin before 4.15.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

πŸ“… Published: March 16, 2025, 6 a.m. πŸ”„ Last Modified: March 17, 2025, 4:15 p.m.

4.8

CVSS3.1

CVE-2025-1619 - GDPR Cookie Compliance < 4.15.7 - Admin+ Stored XSS

The GDPR Cookie Compliance WordPress plugin before 4.15.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

πŸ“… Published: March 16, 2025, 6 a.m. πŸ”„ Last Modified: March 17, 2025, 4:15 p.m.

4.8

CVSS3.1

CVE-2024-13602 - Poll Maker < 5.5.4 - Admin+ Stored XSS

The Poll Maker WordPress plugin before 5.5.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

πŸ“… Published: March 16, 2025, 6 a.m. πŸ”„ Last Modified: March 17, 2025, 4:15 p.m.

4.6

CVSS3.1

CVE-2024-13126 - Download Manager < 3.3.07 - Unauthenticated Data Exposure

The Download Manager WordPress plugin before 3.3.07 doesn't prevent directory listing on web servers that don't use htaccess, allowing unauthorized access of files.

πŸ“… Published: March 16, 2025, 6 a.m. πŸ”„ Last Modified: March 17, 2025, 7:15 p.m.

5.1

CVSS4.0

CVE-2025-2335 - Drivin Soluçáes API registerSchool cross site scripting

A vulnerability classified as problematic was found in Drivin Soluçáes up to 20250226. This vulnerability affects unknown code of the file /api/school/registerSchool of the component API Handler. The manipulation of the argument message leads to cross site scripting. The attack can be initiated rem…

πŸ“… Published: March 16, 2025, 2:31 a.m. πŸ”„ Last Modified: March 17, 2025, 6:14 p.m.
Total resulsts: 285741
Page 31 of 28,575
Β« previous page Β» next page
Filters