CVE Alert: CVE-2025-1557
Vulnerability Summary: CVE-2025-1557 A vulnerability, which was classified as problematic, was found in OFCMS 1.1.3. Affected is an unknown function....
CVE
CVE Alert: CVE-2025-26756
Vulnerability Summary: CVE-2025-26756 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in grimdonkey Magic the Gathering Card...
CVE Alert: CVE-2025-26750
Vulnerability Summary: CVE-2025-26750 Missing Authorization vulnerability in appsbd Vitepos allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects...
CVE Alert: CVE-2025-26760
Vulnerability Summary: CVE-2025-26760 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Wow-Company...
CVE Alert: CVE-2025-26757
Vulnerability Summary: CVE-2025-26757 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FULL...
CVE Alert: CVE-2025-26763
Vulnerability Summary: CVE-2025-26763 Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection. This issue affects...
CVE Alert: CVE-2025-26776
Vulnerability Summary: CVE-2025-26776 Unrestricted Upload of File with Dangerous Type vulnerability in NotFound Chaty Pro allows Upload a Web Shell...
CVE Alert: CVE-2022-28339
Vulnerability Summary: CVE-2022-28339 Trend Micro HouseCall for Home Networks version 5.3.1302 and below contains an uncontrolled search patch element vulnerability...
CVE Alert: CVE-2025-26973
Vulnerability Summary: CVE-2025-26973 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WarfarePlugins Social Warfare allows DOM-Based...
CVE Alert: CVE-2025-27012
Vulnerability Summary: CVE-2025-27012 Cross-Site Request Forgery (CSRF) vulnerability in a1post A1POST.BG Shipping for Woo allows Privilege Escalation. This issue affects...
CVE Alert: CVE-2025-26774
Vulnerability Summary: CVE-2025-26774 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rock Solid Responsive Modal Builder...
CVE Alert: CVE-2025-1410
Vulnerability Summary: CVE-2025-1410 The Events Calendar Made Simple – Pie Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
CVE Alert: CVE-2024-12452
Vulnerability Summary: CVE-2024-12452 The Ziggeo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ziggeo_event' shortcode in...
CVE Alert: CVE-2024-13461
Vulnerability Summary: CVE-2024-13461 The Autoship Cloud for WooCommerce Subscription Products plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
CVE Alert: CVE-2024-13353
Vulnerability Summary: CVE-2024-13353 The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is...
CVE Alert: CVE-2024-13648
Vulnerability Summary: CVE-2024-13648 The Maps for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'MapOnePoint'...
CVE Alert: CVE-2025-1402
Vulnerability Summary: CVE-2025-1402 The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized loss of data due to...
CVE Alert: CVE-2024-12276
Vulnerability Summary: CVE-2024-12276 The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for...
CVE Alert: CVE-2025-1535
Vulnerability Summary: CVE-2025-1535 A vulnerability was found in Baiyi Cloud Asset Management System 8.142.100.161. It has been classified as critical....
CVE Alert: CVE-2024-13455
Vulnerability Summary: CVE-2024-13455 The igumbi Online Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'igumbi_calendar'...
CVE Alert: CVE-2025-1489
Vulnerability Summary: CVE-2025-1489 The WP-Appbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's appbox shortcode in...
CVE Alert: CVE-2025-26794
Vulnerability Summary: CVE-2025-26794 Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are used, allows remote SQL injection. Affected...
CVE Alert: CVE-2020-6158
Vulnerability Summary: CVE-2020-6158 Opera Mini for Android before version 52.2 is vulnerable to an address bar spoofing attack. The vulnerability...
CVE Alert: CVE-2024-13846
Vulnerability Summary: CVE-2024-13846 The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘post_id’...
