CVE Alert: CVE-2025-0839
Vulnerability Summary: CVE-2025-0839 The ZoomSounds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to,...
CVE
CVE Alert: CVE-2025-3296
Vulnerability Summary: CVE-2025-3296 A vulnerability, which was classified as critical, has been found in SourceCodester Online Eyewear Shop 1.0. This...
CVE Alert: CVE-2025-2941
Vulnerability Summary: CVE-2025-2941 The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to arbitrary file...
CVE Alert: CVE-2025-3303
Vulnerability Summary: CVE-2025-3303 A vulnerability, which was classified as critical, has been found in code-projects Patient Record Management System 1.0....
CVE Alert: CVE-2025-32357
Vulnerability Summary: CVE-2025-32357 In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to use the...
CVE Alert: CVE-2025-32360
Vulnerability Summary: CVE-2025-32360 In Zammad 6.4.x before 6.4.2, there is information exposure. Only agents should be able to see and...
CVE Alert: CVE-2025-3299
Vulnerability Summary: CVE-2025-3299 A vulnerability was found in PHPGurukul Men Salon Management System 1.0 and classified as critical. Affected by...
CVE Alert: CVE-2025-32359
Vulnerability Summary: CVE-2025-32359 In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When changing their two factor...
CVE Alert: CVE-2025-32358
Vulnerability Summary: CVE-2025-32358 In Zammad 6.4.x before 6.4.2, SSRF can occur. Authenticated admin users can enable webhooks in Zammad, which...
CVE Alert: CVE-2025-32364
Vulnerability Summary: CVE-2025-32364 A floating-point exception in the PSStack::roll function of Poppler before 25.04.0 can cause an application to crash...
CVE Alert: CVE-2025-32365
Vulnerability Summary: CVE-2025-32365 Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc...
CVE Alert: CVE-2025-3304
Vulnerability Summary: CVE-2025-3304 A vulnerability, which was classified as critical, was found in code-projects Patient Record Management System 1.0. This...
CVE Alert: CVE-2025-3305
Vulnerability Summary: CVE-2025-3305 A vulnerability has been found in 1902756969/code-projects IKUN_Library 1.0 and classified as problematic. This vulnerability affects the...
CVE Alert: CVE-2025-32248
Vulnerability Summary: CVE-2025-32248 Cross-Site Request Forgery (CSRF) vulnerability in SwiftXR SwiftXR (3D/AR/VR) Viewer allows Cross Site Request Forgery. This issue...
CVE Alert: CVE-2025-32247
Vulnerability Summary: CVE-2025-32247 Cross-Site Request Forgery (CSRF) vulnerability in ABCdatos AI Content Creator allows Cross Site Request Forgery. This issue...
CVE Alert: CVE-2025-32232
Vulnerability Summary: CVE-2025-32232 Missing Authorization vulnerability in ERA404 StaffList allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects...
CVE Alert: CVE-2025-32231
Vulnerability Summary: CVE-2025-32231 Missing Authorization vulnerability in Bookingor Bookingor allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects...
CVE Alert: CVE-2025-32229
Vulnerability Summary: CVE-2025-32229 Missing Authorization vulnerability in Bowo Variable Inspector allows Exploiting Incorrectly Configured Access Control Security Levels. This issue...
CVE Alert: CVE-2025-32237
Vulnerability Summary: CVE-2025-32237 Missing Authorization vulnerability in Stylemix MasterStudy LMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue...
CVE Alert: CVE-2025-32241
Vulnerability Summary: CVE-2025-32241 Cross-Site Request Forgery (CSRF) vulnerability in CleverReach® Official CleverReach Plugin for WooCommerce allows Cross Site Request Forgery....
CVE Alert: CVE-2025-32246
Vulnerability Summary: CVE-2025-32246 Missing Authorization vulnerability in Tim Nguyen 1-Click Backup & Restore Database allows Exploiting Incorrectly Configured Access Control...
CVE Alert: CVE-2025-32239
Vulnerability Summary: CVE-2025-32239 Missing Authorization vulnerability in Joao Romao Social Share Buttons & Analytics Plugin – GetSocial.io allows Exploiting Incorrectly...
CVE Alert: CVE-2025-32238
Vulnerability Summary: CVE-2025-32238 Generation of Error Message Containing Sensitive Information vulnerability in vcita Online Booking & Scheduling Calendar for WordPress...
CVE Alert: CVE-2025-32250
Vulnerability Summary: CVE-2025-32250 Cross-Site Request Forgery (CSRF) vulnerability in rollbar Rollbar allows Cross Site Request Forgery. This issue affects Rollbar:...
