9.8
CVE-2025-0912 - GiveWP β Donation Plugin and Fundraising Platform <= 3.19.4 - Unauthenticated PHP Object Injection
The Donations Widget plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.19.4 via deserialization of untrusted input from the Donation Form through the 'card_address' parameter. This makes it possible for unauthenticated attackers to inject a PHP Objecβ¦
4.3
CVE-2024-13686 - VW Storefront <= 0.9.9 - Missing Authorization to Authenticated (Subscriber+) Settings Reset
The VW Storefront theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vw_storefront_reset_all_settings() function in all versions up to, and including, 0.9.9. This makes it possible for authenticated attackers, with Subscriber-level accessβ¦
6.9
CVE-2025-1901 - PHPGurukul Restaurant Table Booking System check_availability.php sql injection
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/check_availability.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. β¦
6.9
CVE-2025-1900 - PHPGurukul Restaurant Table Booking System add-table.php sql injection
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /add-table.php. The manipulation of the argument tableno leads to sql injection. The attack may be launched remotely. The exploit β¦
7.1
CVE-2025-1899 - Tenda TX3 setPptpUserList buffer overflow
A vulnerability has been found in Tenda TX3 16.03.13.11_multi and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack can be launched remotely. The exploit β¦
7.1
CVE-2025-1898 - Tenda TX3 openSchedWifi buffer overflow
A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11_multi. Affected is an unknown function of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to buffer overflow. It is possible to launch the attack remotely. The exβ¦
7.1
CVE-2025-1897 - Tenda TX3 SetNetControlList buffer overflow
A vulnerability, which was classified as critical, has been found in Tenda TX3 16.03.13.11_multi. This issue affects some unknown processing of the file /goform/SetNetControlList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has bβ¦
7.1
CVE-2025-1896 - Tenda TX3 SetStaticRouteCfg buffer overflow
A vulnerability classified as critical was found in Tenda TX3 16.03.13.11_multi. This vulnerability affects unknown code of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to theβ¦
7.1
CVE-2025-1895 - Tenda TX3 setMacFilterCfg buffer overflow
A vulnerability classified as critical has been found in Tenda TX3 16.03.13.11_multi. This affects an unknown part of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been discloseβ¦
6.9
CVE-2025-1894 - PHPGurukul Restaurant Table Booking System search-result.php sql injection
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search-result.php. The manipulation of the argument searchdata leads to sql injection. The attack may be launched remotely. Tβ¦