CVE Alert: CVE-2025-2006
Vulnerability Summary: CVE-2025-2006 The Inline Image Upload for BBPress plugin for WordPress is vulnerable to arbitrary file uploads due to...
Vulnerabilities
CVE Alert: CVE-2025-2249
Vulnerability Summary: CVE-2025-2249 The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type...
CVE Alert: CVE-2024-7577
Vulnerability Summary: CVE-2024-7577 IBM InfoSphere Information Server 11.7 could disclose sensitive user credentials from log files during new installation of...
CVE Alert: CVE-2024-43186
Vulnerability Summary: CVE-2024-43186 IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored...
CVE Alert: CVE-2024-13557
Vulnerability Summary: CVE-2024-13557 The Shortcodes by United Themes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions...
CVE Alert: CVE-2025-2803
Vulnerability Summary: CVE-2025-2803 The So-Called Air Quotes plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up...
CVE Alert: CVE-2024-11180
Vulnerability Summary: CVE-2024-11180 The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Timer...
CVE Alert: CVE-2025-2840
Vulnerability Summary: CVE-2025-2840 The DAP to Autoresponders Email Syncing plugin for WordPress is vulnerable to Sensitive Information Exposure in all...
CVE Alert: CVE-2025-2266
Vulnerability Summary: CVE-2025-2266 The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data...
CVE Alert: CVE-2024-55895
Vulnerability Summary: CVE-2024-55895 IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed...
CVE Alert: CVE-2025-0986
Vulnerability Summary: CVE-2025-0986 IBM PowerVM Hypervisor FW1050.00 through FW1050.30 and FW1060.00 through FW1060.20 could allow a local user, under certain...
CVE Alert: CVE-2025-31473
Vulnerability Summary: CVE-2025-31473 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matthewprice1178 WP Database Optimizer allows...
CVE Alert: CVE-2025-2877
Vulnerability Summary: CVE-2025-2877 A flaw was found in the Ansible Automation Platform's Event-Driven Ansible. In configurations where verbosity is set...
CVE Alert: CVE-2024-54362
Vulnerability Summary: CVE-2024-54362 Path Traversal vulnerability in NotFound GetShop ecommerce allows Path Traversal. This issue affects GetShop ecommerce: from n/a...
CVE Alert: CVE-2025-2901
Vulnerability Summary: CVE-2025-2901 A flaw was found in the JBoss EAP Management Console, where a stored Cross-site scripting vulnerability occurs...
CVE Alert: CVE-2025-22360
Vulnerability Summary: CVE-2025-22360 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Azure offload allows...
CVE Alert: CVE-2024-51624
Vulnerability Summary: CVE-2024-51624 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jajapagamentos Já-Já Pagamentos for WooCommerce...
CVE Alert: CVE-2025-22501
Vulnerability Summary: CVE-2025-22501 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Improve My City...
CVE Alert: CVE-2025-22523
Vulnerability Summary: CVE-2025-22523 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Schedule allows...
CVE Alert: CVE-2024-54291
Vulnerability Summary: CVE-2024-54291 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound PluginPass allows Manipulating...
CVE Alert: CVE-2025-22767
Vulnerability Summary: CVE-2025-22767 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in globalpayments GlobalPayments WooCommerce allows Reflected...
CVE Alert: CVE-2025-22575
Vulnerability Summary: CVE-2025-22575 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in extendyourweb SUPER RESPONSIVE SLIDER allows...
CVE Alert: CVE-2025-22526
Vulnerability Summary: CVE-2025-22526 Deserialization of Untrusted Data vulnerability in NotFound PHP/MySQL CPU performance statistics allows Object Injection. This issue affects...
CVE Alert: CVE-2025-22356
Vulnerability Summary: CVE-2025-22356 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stencies Stencies allows Reflected XSS....
