CVE Alert: CVE-2025-22263
Vulnerability Summary: CVE-2025-22263 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Global Gallery allows Reflected...
Vulnerabilities
CVE Alert: CVE-2025-26740
Vulnerability Summary: CVE-2025-26740 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in burgersoftware SpaBiz allows DOM-Based XSS....
CVE Alert: CVE-2025-22268
Vulnerability Summary: CVE-2025-22268 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Uncanny Owl Uncanny Toolkit for...
CVE Alert: CVE-2025-26746
Vulnerability Summary: CVE-2025-26746 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Advanced Custom Fields: Link...
CVE Alert: CVE-2025-26903
Vulnerability Summary: CVE-2025-26903 Cross-Site Request Forgery (CSRF) vulnerability in RealMag777 InPost Gallery allows Cross Site Request Forgery. This issue affects...
CVE Alert: CVE-2025-24315
Vulnerability Summary: CVE-2025-24315 Unauthenticated attackers can add devices of other users to their scenes (or arbitrary scenes of other arbitrary...
CVE Alert: CVE-2025-26906
Vulnerability Summary: CVE-2025-26906 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ren Ventura WP Delete User...
CVE Alert: CVE-2025-25276
Vulnerability Summary: CVE-2025-25276 An unauthenticated attacker can hijack other users' devices and potentially control them. Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2025-24850
Vulnerability Summary: CVE-2025-24850 An attacker can export other users' plant information. Affected Endpoints: No affected endpoints listed. Published Date: 4/15/2025,...
CVE Alert: CVE-2025-26749
Vulnerability Summary: CVE-2025-26749 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Additional Custom Product Tabs...
CVE Alert: CVE-2025-26880
Vulnerability Summary: CVE-2025-26880 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Skill Bar allows...
CVE Alert: CVE-2025-26857
Vulnerability Summary: CVE-2025-26857 Unauthenticated attackers can rename arbitrary devices of arbitrary users (i.e., EV chargers). Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2025-26870
Vulnerability Summary: CVE-2025-26870 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound JetEngine allows DOM-Based XSS....
CVE Alert: CVE-2025-26748
Vulnerability Summary: CVE-2025-26748 Cross-Site Request Forgery (CSRF) vulnerability in LOOS,Inc. Arkhe allows PHP Local File Inclusion. This issue affects Arkhe:...
CVE Alert: CVE-2025-26934
Vulnerability Summary: CVE-2025-26934 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in graphthemes Glossy Blog allows Stored...
CVE Alert: CVE-2025-26927
Vulnerability Summary: CVE-2025-26927 Unrestricted Upload of File with Dangerous Type vulnerability in EPC AI Hub allows Upload a Web Shell...
CVE Alert: CVE-2025-26950
Vulnerability Summary: CVE-2025-26950 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AddonsPress Nepali Date Converter allows...
CVE Alert: CVE-2025-26951
Vulnerability Summary: CVE-2025-26951 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in covertnine C9 Blocks allows DOM-Based...
CVE Alert: CVE-2025-26930
Vulnerability Summary: CVE-2025-26930 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in alleythemes Home Services allows DOM-Based...
CVE Alert: CVE-2025-27565
Vulnerability Summary: CVE-2025-27565 An unauthenticated attacker can delete any user's "rooms" by knowing the user's and room IDs. Affected Endpoints:...
CVE Alert: CVE-2025-26919
Vulnerability Summary: CVE-2025-26919 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tainacan Tainá allows Stored XSS....
CVE Alert: CVE-2025-27561
Vulnerability Summary: CVE-2025-27561 Unauthenticated attackers can rename "rooms" of arbitrary users. Affected Endpoints: No affected endpoints listed. Published Date: 4/15/2025,...
CVE Alert: CVE-2025-26908
Vulnerability Summary: CVE-2025-26908 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Gurmehub Kargo Entegratör...
CVE Alert: CVE-2025-27011
Vulnerability Summary: CVE-2025-27011 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magepeopleteam...
