CVE Alert: CVE-2025-26919
Vulnerability Summary: CVE-2025-26919 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tainacan Tainá allows Stored XSS....
CVE
CVE Alert: CVE-2025-27561
Vulnerability Summary: CVE-2025-27561 Unauthenticated attackers can rename "rooms" of arbitrary users. Affected Endpoints: No affected endpoints listed. Published Date: 4/15/2025,...
CVE Alert: CVE-2025-27011
Vulnerability Summary: CVE-2025-27011 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in magepeopleteam...
CVE Alert: CVE-2025-26908
Vulnerability Summary: CVE-2025-26908 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Gurmehub Kargo Entegratör...
CVE Alert: CVE-2025-27575
Vulnerability Summary: CVE-2025-27575 An unauthenticated attacker can obtain EV charger version and firmware upgrading history by knowing the charger ID....
CVE Alert: CVE-2025-26953
Vulnerability Summary: CVE-2025-26953 Missing Authorization vulnerability in NotFound JetMenu allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects...
CVE Alert: CVE-2025-26998
Vulnerability Summary: CVE-2025-26998 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Blocks – Gutenberg...
CVE Alert: CVE-2025-27008
Vulnerability Summary: CVE-2025-27008 Missing Authorization vulnerability in NotFound Unlimited Timeline allows Accessing Functionality Not Properly Constrained by ACLs. This issue...
CVE Alert: CVE-2025-26996
Vulnerability Summary: CVE-2025-26996 Improper Control of Generation of Code ('Code Injection') vulnerability in Fetch Designs Sign-up Sheets allows Code Injection....
CVE Alert: CVE-2025-27719
Vulnerability Summary: CVE-2025-27719 Unauthenticated attackers can query an API endpoint and get device details. Affected Endpoints: No affected endpoints listed....
CVE Alert: CVE-2025-27927
Vulnerability Summary: CVE-2025-27927 An unauthenticated attackers can obtain a list of smart devices by knowing a valid username through an...
CVE Alert: CVE-2025-30982
Vulnerability Summary: CVE-2025-30982 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zookatron MyBookProgress by Stormhill Media...
CVE Alert: CVE-2025-27929
Vulnerability Summary: CVE-2025-27929 Unauthenticated attackers can retrieve full list of users associated with arbitrary accounts. Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2025-30970
Vulnerability Summary: CVE-2025-30970 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Easy Contact allows Reflected...
CVE Alert: CVE-2025-30966
Vulnerability Summary: CVE-2025-30966 Path Traversal vulnerability in NotFound WPJobBoard allows Path Traversal. This issue affects WPJobBoard: from n/a through n/a....
CVE Alert: CVE-2025-30257
Vulnerability Summary: CVE-2025-30257 Unauthenticated attackers can retrieve serial number of smart meters associated to a specific user account. Affected Endpoints:...
CVE Alert: CVE-2025-30510
Vulnerability Summary: CVE-2025-30510 An attacker can upload an arbitrary file instead of a plant image. Affected Endpoints: No affected endpoints...
CVE Alert: CVE-2025-30512
Vulnerability Summary: CVE-2025-30512 Unauthenticated attackers can send configuration settings to device and possible perform physical actions remotely (e.g., on/off). Affected...
CVE Alert: CVE-2025-30967
Vulnerability Summary: CVE-2025-30967 Cross-Site Request Forgery (CSRF) vulnerability in NotFound WPJobBoard allows Upload a Web Shell to a Web Server....
CVE Alert: CVE-2025-31950
Vulnerability Summary: CVE-2025-31950 An unauthenticated attacker can obtain EV charger energy consumption information of other users. Affected Endpoints: No affected...
CVE Alert: CVE-2025-31654
Vulnerability Summary: CVE-2025-31654 An attacker can get information about the groups of the smart home devices for arbitrary users (i.e.,...
CVE Alert: CVE-2025-31945
Vulnerability Summary: CVE-2025-31945 An unauthenticated attacker can obtain other users' charger information. Affected Endpoints: No affected endpoints listed. Published Date:...
CVE Alert: CVE-2025-31147
Vulnerability Summary: CVE-2025-31147 Unauthenticated attackers can query information about total energy consumed by EV chargers of arbitrary users. Affected Endpoints:...
CVE Alert: CVE-2025-31360
Vulnerability Summary: CVE-2025-31360 Unauthenticated attackers can trigger device actions associated with specific "scenes" of arbitrary users. Affected Endpoints: No affected...
