Total
306745 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-52732 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RealMag777 Google Map Targeting allows PHP Local File Inclusion. This issue affects Google Map Targeting: from n/a through 1.1.6. | ||||
| CVE-2023-5685 | 1 Redhat | 12 Apache-camel-spring-boot, Apache Camel Hawtio, Build Keycloak and 9 more | 2025-08-14 | 7.5 High |
| A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS). | ||||
| CVE-2025-52721 | 2 Lcweb, Wordpress | 2 Global Gallery, Wordpress | 2025-08-14 | 6.5 Medium |
| Missing Authorization vulnerability in LCweb Global Gallery allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Global Gallery: from n/a through 9.2.3. | ||||
| CVE-2025-52720 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder allows SQL Injection. This issue affects Super Store Finder: from n/a through 7.5. | ||||
| CVE-2025-52716 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Acato WP REST Cache allows PHP Local File Inclusion. This issue affects WP REST Cache: from n/a through 2025.1.0. | ||||
| CVE-2025-54701 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Unicamp allows PHP Local File Inclusion. This issue affects Unicamp: from n/a through 2.6.3. | ||||
| CVE-2025-49065 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BestiaDurmiente Visit Counter allows Stored XSS. This issue affects Visit Counter: from n/a through 1.0. | ||||
| CVE-2025-49052 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 4.3 Medium |
| Missing Authorization vulnerability in Dariolee Netease Music allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Netease Music: from n/a through 3.2.1. | ||||
| CVE-2025-49051 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in biscia7 Hide Text Shortcode allows Stored XSS. This issue affects Hide Text Shortcode: from n/a through 1.1. | ||||
| CVE-2025-49048 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in inspectlet Inspectlet – User Session Recording and Heatmaps allows Stored XSS. This issue affects Inspectlet – User Session Recording and Heatmaps: from n/a through 2.0. | ||||
| CVE-2025-49047 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in keeross DigitalOcean Spaces Sync allows Stored XSS. This issue affects DigitalOcean Spaces Sync: from n/a through 2.2.1. | ||||
| CVE-2025-49033 | 2 Metagauss, Wordpress | 2 Profilegrid, Wordpress | 2025-08-14 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid allows Blind SQL Injection. This issue affects ProfileGrid : from n/a through 5.9.5.3. | ||||
| CVE-2025-48332 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in PublishPress Gutenberg Blocks allows PHP Local File Inclusion. This issue affects Gutenberg Blocks: from n/a through 3.3.1. | ||||
| CVE-2025-48293 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 9.8 Critical |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Dylan Kuhn Geo Mashup allows PHP Local File Inclusion. This issue affects Geo Mashup: from n/a through 1.13.16. | ||||
| CVE-2025-47689 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in johnh10 Video Blogster Lite allows Reflected XSS. This issue affects Video Blogster Lite: from n/a through 1.2. | ||||
| CVE-2025-3703 | 2 Wipeoutmedia, Wordpress | 2 Css & Javascript Toolbox, Wordpress | 2025-08-14 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wipeoutmedia CSS & JavaScript Toolbox allows PHP Local File Inclusion. This issue affects CSS & JavaScript Toolbox: from n/a through n/a. | ||||
| CVE-2025-54671 | 2 Bobbingwide, Wordpress | 2 Oik, Wordpress | 2025-08-14 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide oik allows Cross Site Request Forgery. This issue affects oik: from n/a through 4.15.2. | ||||
| CVE-2025-54676 | 2 Vcita, Wordpress | 2 Online Booking & Scheduling Calendar For Wordpress By Vcita, Wordpress | 2025-08-14 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita allows Stored XSS. This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through 4.5.3. | ||||
| CVE-2025-54678 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hassantafreshi Easy Form Builder allows Blind SQL Injection. This issue affects Easy Form Builder: from n/a through 3.8.15. | ||||
| CVE-2025-54680 | 1 Wordpress | 1 Wordpress | 2025-08-14 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sparkle Themes Blogger Buzz allows Stored XSS. This issue affects Blogger Buzz: from n/a through 1.2.6. | ||||