Total 277647 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-46810 1 Villatheme 1 Woocommerce Thank You Page Customizer 2025-01-15 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions.
CVE-2022-46812 1 Villatheme 1 Woocommerce Thank You Page Customizer 2025-01-15 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Thank You Page Customizer for WooCommerce – Increase Your Sales plugin <= 1.0.13 versions.
CVE-2025-21298 2025-01-15 9.8 Critical
Windows OLE Remote Code Execution Vulnerability
CVE-2025-21299 2025-01-15 7.1 High
Windows Kerberos Security Feature Bypass Vulnerability
CVE-2025-21301 2025-01-15 6.5 Medium
Windows Geolocation Service Information Disclosure Vulnerability
CVE-2025-22799 2025-01-15 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Vertim Coders Neon Product Designer allows SQL Injection.This issue affects Neon Product Designer: from n/a through 2.1.1.
CVE-2025-22798 2025-01-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CHR Designer Responsive jQuery Slider allows Stored XSS.This issue affects Responsive jQuery Slider: from n/a through 1.1.1.
CVE-2025-22797 2025-01-15 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oğulcan Özügenç Gallery and Lightbox allows Stored XSS.This issue affects Gallery and Lightbox: from n/a through 1.0.14.
CVE-2025-22795 2025-01-15 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thorsten Krug Multilang Contact Form allows Reflected XSS.This issue affects Multilang Contact Form: from n/a through 1.5.
CVE-2025-22793 2025-01-15 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bold Bold pagos en linea allows DOM-Based XSS.This issue affects Bold pagos en linea: from n/a through 3.1.0.
CVE-2025-22788 2025-01-15 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codexpert, Inc CoDesigner WooCommerce Builder for Elementor allows Stored XSS.This issue affects CoDesigner WooCommerce Builder for Elementor: from n/a through 4.7.17.2.
CVE-2025-22787 2025-01-15 4.3 Medium
Missing Authorization vulnerability in bPlugins LLC Button Block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Button Block: from n/a through 1.1.5.
CVE-2025-22786 2025-01-15 7.5 High
Path Traversal vulnerability in ElementInvader ElementInvader Addons for Elementor allows PHP Local File Inclusion.This issue affects ElementInvader Addons for Elementor: from n/a through 1.2.6.
CVE-2025-22785 2025-01-15 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ComMotion Course Booking System allows SQL Injection.This issue affects Course Booking System: from n/a through 6.0.5.
CVE-2025-21302 2025-01-15 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21303 2025-01-15 8.8 High
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21304 2025-01-15 7.8 High
Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2025-22784 2025-01-15 8.6 High
Cross-Site Request Forgery (CSRF) vulnerability in Johan Ström Background Control allows Path Traversal.This issue affects Background Control: from n/a through 1.0.5.
CVE-2025-22782 2025-01-15 9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Web Ready Now WR Price List Manager For Woocommerce allows Upload a Web Shell to a Web Server.This issue affects WR Price List Manager For Woocommerce: from n/a through 1.0.8.
CVE-2025-21297 2025-01-15 8.1 High
Windows Remote Desktop Services Remote Code Execution Vulnerability