Total
276632 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-26519 | 1 Publish To Schedule Project | 1 Publish To Schedule | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Benfica Publish to Schedule plugin <= 4.5.4 versions. | ||||
| CVE-2023-26517 | 1 Plugin-planet | 1 Dashboard Widget Suite | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeff Starr Dashboard Widgets Suite plugin <= 3.2.1 versions. | ||||
| CVE-2023-24400 | 1 Hu-manity | 1 Cookie Notice \& Compliance For Gdpr \/ Ccpa | 2025-01-09 | 6.5 Medium |
| Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Hu-manity.Co Cookie Notice & Compliance for GDPR / CCPA plugin <= 2.4.6 versions. | ||||
| CVE-2024-10106 | 2025-01-09 | 3.7 Low | ||
| A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer. | ||||
| CVE-2022-46799 | 1 I13websolution | 1 Easy Testimonial Slider And Form | 2025-01-09 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form plugin <= 1.0.15 versions. | ||||
| CVE-2023-23668 | 1 Givewp | 1 Givewp | 2025-01-09 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in GiveWP plugin <= 2.25.1 versions. | ||||
| CVE-2022-45812 | 1 Exxp Project | 1 Exxp | 2025-01-09 | 6.5 Medium |
| Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in Martin Lees Exxp plugin <= 2.6.8 versions. | ||||
| CVE-2023-25452 | 1 Cms Press Project | 1 Cms Press | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Michael Pretty (prettyboymp) CMS Press plugin <= 0.2.3 versions. | ||||
| CVE-2023-28169 | 1 Easy Event Calendar Project | 1 Easy Event Calendar | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CoreFortress Easy Event calendar plugin <= 1.0 versions. | ||||
| CVE-2023-25052 | 1 Te-st | 1 Yandex.news Feed By Teplitsa | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Teplitsa Yandex.News Feed by Teplitsa plugin <= 1.12.5 versions. | ||||
| CVE-2021-47073 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-01-09 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios init_dell_smbios_wmi() only registers the dell_smbios_wmi_driver on systems where the Dell WMI interface is supported. While exit_dell_smbios_wmi() unregisters it unconditionally, this leads to the following oops: [ 175.722921] ------------[ cut here ]------------ [ 175.722925] Unexpected driver unregister! [ 175.722939] WARNING: CPU: 1 PID: 3630 at drivers/base/driver.c:194 driver_unregister+0x38/0x40 ... [ 175.723089] Call Trace: [ 175.723094] cleanup_module+0x5/0xedd [dell_smbios] ... [ 175.723148] ---[ end trace 064c34e1ad49509d ]--- Make the unregister happen on the same condition the register happens to fix this. | ||||
| CVE-2022-47437 | 1 Wsb Brands Project | 1 Wsb Brands | 2025-01-09 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Branko Borilovic WSB Brands plugin <= 1.1.8 versions. | ||||
| CVE-2022-47439 | 1 Rocketapps | 1 Open Graphite | 2025-01-09 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rocket Apps Open Graphite plugin <= 1.6.0 versions. | ||||
| CVE-2023-28493 | 1 Machothemes | 1 Newsmag | 2025-01-09 | 6.5 Medium |
| Auth (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Macho Themes NewsMag theme <= 2.4.4 versions. | ||||
| CVE-2025-0341 | 2025-01-09 | 6.3 Medium | ||
| A vulnerability, which was classified as critical, has been found in CampCodes Computer Laboratory Management System 1.0. Affected by this issue is some unknown functionality of the file /class/edit/edit. The manipulation of the argument e_photo leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2022-45065 | 1 Squirrly | 1 Seo Plugin By Squirrly Seo | 2025-01-09 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Squirrly SEO Plugin by Squirrly SEO plugin <= 12.1.20 versions. | ||||
| CVE-2024-30916 | 1 Eprosima | 1 Fast Dds | 2025-01-09 | 7.1 High |
| An issue was discovered in eProsima FastDDS v.2.14.0 and before, allows a local attacker to cause a denial of service (DoS) and obtain sensitive information via a crafted max_samples parameter in DurabilityService QoS component. | ||||
| CVE-2023-24408 | 1 Lightspeedhq | 1 Ecwid Ecommerce Shopping Cart | 2025-01-09 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Ecwid Ecommerce Ecwid Ecommerce Shopping Cart plugin <= 6.11.4 versions. | ||||
| CVE-2023-23894 | 1 Surbma | 1 Gdpr Proof Cookie Consent \& Notice Bar | 2025-01-09 | 6.5 Medium |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Surbma Surbma | GDPR Proof Cookie Consent & Notice Bar plugin <= 17.5.3 versions. | ||||
| CVE-2023-22710 | 1 Return And Warranty Management System For Woocommerce Project | 1 Return And Warranty Management System For Woocommerce | 2025-01-09 | 7.1 High |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in chilidevs Return and Warranty Management System for WooCommerce plugin <= 1.2.3 versions. | ||||