Vulnerabilities

CVE Alert: CVE-2025-46531

April 25, 2025

Vulnerability Summary: CVE-2025-46531 Server-Side Request Forgery (SSRF) vulnerability in Ankur Vishwakarma WP AVCL Automation Helper (formerly WPFlyLeads) allows Server Side...

CVE Alert: CVE-2025-46533

April 25, 2025

Vulnerability Summary: CVE-2025-46533 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdrift.no Landing pages and Domain...

CVE Alert: CVE-2025-46529

April 25, 2025

Vulnerability Summary: CVE-2025-46529 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StressFree Sites Business Contact Widget...

CVE Alert: CVE-2025-46530

April 25, 2025

Vulnerability Summary: CVE-2025-46530 Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog Remote Attachment allows Stored XSS. This issue affects...

CVE Alert: CVE-2025-46542

April 25, 2025

Vulnerability Summary: CVE-2025-46542 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeXpert Xpert Tab allows Stored...

CVE Alert: CVE-2025-46541

April 25, 2025

Vulnerability Summary: CVE-2025-46541 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in elrata_ WP-reCAPTCHA-bp allows Stored XSS....

CVE Alert: CVE-2025-46528

April 25, 2025

Vulnerability Summary: CVE-2025-46528 Cross-Site Request Forgery (CSRF) vulnerability in Steve Availability Calendar allows Stored XSS. This issue affects Availability Calendar:...

CVE Alert: CVE-2025-43858

April 25, 2025

Vulnerability Summary: CVE-2025-43858 YoutubeDLSharp is a wrapper for the command-line video downloaders youtube-dl and yt-dlp. In versions starting from 1.0.0-beta4...

CVE Alert: CVE-2025-46538

April 25, 2025

Vulnerability Summary: CVE-2025-46538 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webplanetsoft Inline Text Popup allows...

CVE Alert: CVE-2025-43859

April 25, 2025

Vulnerability Summary: CVE-2025-43859 h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of...

CVE Alert: CVE-2025-46540

April 25, 2025

Vulnerability Summary: CVE-2025-46540 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Mok GNA Search Shortcode...

CVE Alert: CVE-2024-30114

April 25, 2025

Vulnerability Summary: CVE-2024-30114 Insufficient sanitization in HCL Leap allows client-side script injection in the authoring environment. Affected Endpoints: No affected...

CVE Alert: CVE-2023-45720

April 25, 2025

Vulnerability Summary: CVE-2023-45720 Insufficient default configuration in HCL Leap allows anonymous access to directory information. Affected Endpoints: No affected endpoints...

CVE Alert: CVE-2024-30113

April 25, 2025

Vulnerability Summary: CVE-2024-30113 Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML...

CVE Alert: CVE-2025-31324

April 25, 2025

Vulnerability Summary: CVE-2025-31324 SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to...

CVE Alert: CVE-2023-37534

April 25, 2025

Vulnerability Summary: CVE-2023-37534 Insufficient URI protocol whitelist in HCL Leap allows script injection through query parameters. Affected Endpoints: No affected...

CVE Alert: CVE-2024-30147

April 25, 2025

Vulnerability Summary: CVE-2024-30147 Multiple vectors in HCL Leap allow client-side script injection in the authoring environment and deployed applications. Affected...

CVE Alert: CVE-2022-44760

April 25, 2025

Vulnerability Summary: CVE-2022-44760 Unsafe default file type filter policy in HCL Leap allows execution of unsafe JavaScript in deployed applications....

CVE Alert: CVE-2022-44759

April 25, 2025

Vulnerability Summary: CVE-2022-44759 Improper sanitization of SVG files in HCL Leap allows client-side script injection in deployed applications. Affected Endpoints:...

CVE Alert: CVE-2025-46275

April 25, 2025

Vulnerability Summary: CVE-2025-46275 WGS-80HPT-V2 and WGS-4215-8T2S are missing authentication that could allow an attacker to create an administrator account without...

CVE Alert: CVE-2025-43861

April 25, 2025

Vulnerability Summary: CVE-2025-43861 ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 2f177dc, ManageWiki is vulnerable...

CVE Alert: CVE-2025-1294

April 25, 2025

Vulnerability Summary: CVE-2025-1294 The eForm - WordPress Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all...

CVE Alert: CVE-2023-37516

April 25, 2025

Vulnerability Summary: CVE-2023-37516 Missing "no cache" headers in HCL Leap permits user directory information to be cached. Affected Endpoints: No...

CVE Alert: CVE-2024-30127

April 25, 2025

Vulnerability Summary: CVE-2024-30127 Missing "no cache" headers in HCL Leap permits sensitive data to be cached. Affected Endpoints: No affected...

Vulnerabilities

CVE Alert: CVE-2025-46531

CVE Alert: CVE-2025-46533

CVE Alert: CVE-2025-46529

CVE Alert: CVE-2025-46530

CVE Alert: CVE-2025-46542

CVE Alert: CVE-2025-46541

CVE Alert: CVE-2025-46528

CVE Alert: CVE-2025-43858

CVE Alert: CVE-2025-46538

CVE Alert: CVE-2025-43859

CVE Alert: CVE-2025-46540

CVE Alert: CVE-2024-30114

CVE Alert: CVE-2023-45720

CVE Alert: CVE-2024-30113

CVE Alert: CVE-2025-31324

CVE Alert: CVE-2023-37534

CVE Alert: CVE-2024-30147

CVE Alert: CVE-2022-44760

CVE Alert: CVE-2022-44759

CVE Alert: CVE-2025-46275

CVE Alert: CVE-2025-43861

CVE Alert: CVE-2025-1294

CVE Alert: CVE-2023-37516

CVE Alert: CVE-2024-30127

CVE Alert: CVE-2025-7600

CVE Alert: CVE-2025-7596

CVE Alert: CVE-2025-7597

CVE Alert: CVE-2025-7599

CVE Alert: CVE-2025-7601

You may have missed