4.3
CVE-2025-26477 -
Dell ECS version 3.8.1.4 and prior contain an Improper Input Validation vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.
3.1
CVE-2025-26478 -
Dell ECS version 3.8.1.4 and prior contain an Improper Certificate Validation vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Information disclosure.
5.3
CVE-2025-3479 - Forminator <= 1.42.0 - Order Replay Vulnerability
The Forminator Forms β Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Order Replay in all versions up to, and including, 1.42.0 via the 'handle_stripe_single' function due to insufficient validation on a user controlled key. This makes it possible for unautheβ¦
6.4
CVE-2025-3487 - Forminator <= 1.42.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'limit'
The Forminator Forms β Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the βlimitβ parameter in all versions up to, and including, 1.42.0 due to insufficient input sanitization and output escaping. This makes it possible for autβ¦
5.3
CVE-2025-3453 - Password Protected β Password Protect your WordPress Site, Pages, & WooCommerce Products <= 2.7.7 -β¦
The Password Protected β Password Protect your WordPress Site, Pages, & WooCommerce Products β Restrict Content, Protect WooCommerce Category and more plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.7 via the 'password_protected_cookie'β¦
6.3
CVE-2025-29931 -
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected product does not properly validate a length field in a serialized message which it uses to determine the amount of memory to be allocated for deserialization. This could allow an unauthenticated β¦
8.1
CVE-2025-1532 - Code Injection Vulnerability in Phoneservice
Phoneservice module is affected by code injection vulnerability, successful exploitation of this vulnerability may affect service confidentiality and integrity.
8.1
CVE-2025-2188 - Whitelist bypass Vulnerability in GameCenter
There is a whitelist mechanism bypass in GameCenter ,successful exploitation of this vulnerability may affect service confidentiality and integrity.
4.3
CVE-2025-2197 - Type Confusion Vulnerability in Browser
Browser is affected by type confusion vulnerability, successful exploitation of this vulnerability may affect service availability.
6.4
CVE-2025-3615 - Fluent Forms <= 6.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form-submission.js script in all versions up to, and including, 6.0.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level accβ¦