Total
297778 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-49272 | 2025-06-06 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in sergiotrinity Trinity Audio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Trinity Audio: from n/a through 5.20.0. | |||||
| CVE-2025-49425 | 2025-06-06 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Adrian Hanft Konami Easter Egg allows Stored XSS. This issue affects Konami Easter Egg: from n/a through v0.4. | |||||
| CVE-2025-49268 | 2025-06-06 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in Soft8Soft LLC Verge3D allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Verge3D: from n/a through 4.9.4. | |||||
| CVE-2025-49311 | 2025-06-06 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CoolHappy The Events Calendar Countdown Addon allows Stored XSS. This issue affects The Events Calendar Countdown Addon: from n/a through 1.4.9. | |||||
| CVE-2025-49329 | 2025-06-06 | N/A | 6.6 MEDIUM | ||
| Unrestricted Upload of File with Dangerous Type vulnerability in Agile Logix Store Locator WordPress allows Upload a Web Shell to a Web Server. This issue affects Store Locator WordPress: from n/a through 1.5.2. | |||||
| CVE-2025-28964 | 2025-06-06 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in mangup Personal Favicon allows Stored XSS. This issue affects Personal Favicon: from n/a through 2.0. | |||||
| CVE-2025-49307 | 2025-06-06 | N/A | 7.5 HIGH | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Magazine3 WP Multilang allows PHP Local File Inclusion. This issue affects WP Multilang: from n/a through 2.4.19. | |||||
| CVE-2025-23969 | 2025-06-06 | N/A | 5.3 MEDIUM | ||
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in whassan KI Live Video Conferences allows Retrieve Embedded Sensitive Data. This issue affects KI Live Video Conferences: from n/a through 5.5.15. | |||||
| CVE-2025-49073 | 2025-06-06 | N/A | 9.8 CRITICAL | ||
| Deserialization of Untrusted Data vulnerability in Axiomthemes Sweet Dessert allows Object Injection.This issue affects Sweet Dessert: from n/a before 1.1.13. | |||||
| CVE-2025-30990 | 2025-06-06 | N/A | 4.3 MEDIUM | ||
| Missing Authorization vulnerability in ThemeHunk ThemeHunk allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ThemeHunk: from n/a through 1.1.1. | |||||
| CVE-2025-30995 | 2025-06-06 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Widgetize Pages Light allows Stored XSS. This issue affects Widgetize Pages Light: from n/a through 3.0. | |||||
| CVE-2025-49236 | 2025-06-06 | N/A | 5.3 MEDIUM | ||
| Missing Authorization vulnerability in raychat Raychat allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Raychat: from n/a through 2.1.0. | |||||
| CVE-2023-26000 | 2025-06-06 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hanhdo205 Bang tinh vay allows Stored XSS. This issue affects Bang tinh vay: from n/a through 1.0.1. | |||||
| CVE-2025-49262 | 2025-06-06 | N/A | 7.6 HIGH | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shaonsina Sina Extension for Elementor allows Stored XSS. This issue affects Sina Extension for Elementor: from n/a through 3.6.1. | |||||
| CVE-2025-31025 | 2025-06-06 | N/A | 6.5 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Blocksera Image Hover Effects Block allows Stored XSS. This issue affects Image Hover Effects Block: from n/a through 1.4.5. | |||||
| CVE-2025-49439 | 2025-06-06 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in mariusz88atelierweb Atelier Create CV allows Cross Site Request Forgery. This issue affects Atelier Create CV: from n/a through 1.1.2. | |||||
| CVE-2025-49238 | 2025-06-06 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in everestthemes Everest Backup allows Cross Site Request Forgery. This issue affects Everest Backup: from n/a through 2.3.3. | |||||
| CVE-2025-30948 | 2025-06-06 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Giraphix Creative Layouts for Elementor allows Cross Site Request Forgery. This issue affects Layouts for Elementor: from n/a through 1.11. | |||||
| CVE-2025-30634 | 2025-06-06 | N/A | 5.9 MEDIUM | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IWEBIX WP Featured Content Slider allows Stored XSS. This issue affects WP Featured Content Slider: from n/a through 2.6. | |||||
| CVE-2025-48328 | 2025-06-06 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Daman Jeet Real Time Validation for Gravity Forms allows Cross Site Request Forgery.This issue affects Real Time Validation for Gravity Forms: from n/a through 1.7.0. | |||||