7.1
CVE-2025-32113 - WordPress Libro de Reclamaciones y Quejas plugin <= 1.0 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Renzo Tejada Libro de Reclamaciones y Quejas libro-de-reclamaciones-y-quejas allows Cross Site Request Forgery.This issue affects Libro de Reclamaciones y Quejas: from n/a through <= 1.0.
7.1
CVE-2025-32112 - WordPress Sidebar Manager Light plugin <= 1.18 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Sidebar Manager Light sidebar-manager-light allows Cross Site Request Forgery.This issue affects Sidebar Manager Light: from n/a through <= 1.18.
7.8
CVE-2025-25178 - GPU DDK - PhysmemWrapExtMem uiSize=0 corrupts kernel memory
Software installed and run as a non-privileged user may conduct improper GPU system calls to cause kernel system memory corruption.
7.1
CVE-2025-0468 - GPU DDK - ui64RobustnessAddress can overwrite Freelist / HWRT (and bypass PMMETA)
Software installed and run as a non-privileged user may conduct improper GPU system calls to subvert GPU HW to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kerneβ¦
5.1
CVE-2025-3253 - xujiangfei admintwo insertTree cross site scripting
A vulnerability was found in xujiangfei admintwo 1.0 and classified as problematic. This issue affects some unknown processing of the file /ztree/insertTree. The manipulation of the argument Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to β¦
5.1
CVE-2025-3252 - xujiangfei admintwo add cross site scripting
A vulnerability has been found in xujiangfei admintwo 1.0 and classified as problematic. This vulnerability affects unknown code of the file /resource/add. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to thβ¦
0.0
CVE-2025-3283 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.1
CVE-2025-3251 - xujiangfei admintwo updateSet cross site scripting
A vulnerability, which was classified as problematic, was found in xujiangfei admintwo 1.0. This affects an unknown part of the file /user/updateSet. The manipulation of the argument motto leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed β¦
5.3
CVE-2025-3250 - elunez eladmin Maintenance Management Module testConnect deserialization
A vulnerability, which was classified as problematic, has been found in elunez eladmin 2.7. Affected by this issue is some unknown functionality of the file /api/database/testConnect of the component Maintenance Management Module. The manipulation leads to deserialization. The attack may be launcheβ¦
9.1
CVE-2025-31480 - aiven-extras allows PostgreSQL Privilege Escalation through format function
aiven-extras is a PostgreSQL extension. This is a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras package. The vulnerability leverages the format function not being schema-prefixed. Affected users should install 1.1.16 and enβ¦