Lista CVE - 2025 / Gennaio
Visualizzazione 3101 - 3200 di 4277 CVE per Gennaio 2025 (Pagina 32 di 43)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2025-23679 | 2025-01-22 | WordPress FP RSS Category Excluder plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23681 | 2025-01-22 | WordPress REDIRECTION PLUS plugin <= 2.0.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23682 | 2025-01-22 | WordPress Preloader Quotes plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23683 | 2025-01-22 | WordPress MACME plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23684 | 2025-01-22 | WordPress Debug Tool plugin <= 2.2 - Broken Access Control vulnerability |
| CVE-2025-23686 | 2025-01-22 | WordPress Admin Menu Organizer plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23695 | 2025-01-22 | WordPress CtyGrid Hyp3rL0cal Search plugin <= 0.1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23696 | 2025-01-22 | WordPress Staging CDN plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23697 | 2025-01-22 | WordPress Podčlánková inzerce plugin <= 2.4.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23700 | 2025-01-22 | WordPress yCyclista plugin <= 1.2.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23701 | 2025-01-22 | WordPress Lime Developer Login plugin <= 1.4.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23706 | 2025-01-22 | WordPress Jet Skinner for BuddyPress plugin <= 1.2.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23732 | 2025-01-22 | WordPress Easy Filtering plugin <= 2.5.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23758 | 2025-01-22 | WordPress pootle button plugin <= 1.2.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23769 | 2025-01-22 | WordPress Content Mirror plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23770 | 2025-01-22 | WordPress Fast Tube plugin <= 2.3.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23774 | 2025-01-22 | WordPress WPDB to Sql plugin <= 1.2 - Sensitive Data Exposure vulnerability |
| CVE-2025-23781 | 2025-01-22 | WordPress WM Options Import Export plugin <= 1.0.1 - Sensitive Data Exposure vulnerability |
| CVE-2025-23784 | 2025-01-22 | WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - SQL Injection vulnerability |
| CVE-2025-23798 | 2025-01-22 | WordPress Mass Messaging in BuddyPress Plugin <= 2.2.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23803 | 2025-01-22 | WordPress Snippy Plugin <= 1.4.1 - CSRF to Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23806 | 2025-01-22 | WordPress Ultimate Subscribe Plugin <=1.3 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23811 | 2025-01-22 | WordPress WP2APP Plugin <= 2.6.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23866 | 2025-01-22 | WordPress EU DSGVO Helper Plugin <= 1.0.6.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23867 | 2025-01-22 | WordPress WordPress File Search Plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23874 | 2025-01-22 | WordPress WP Block Pack plugin <= 1.1.6 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23910 | 2025-01-22 | WordPress Menus Plus+ Plugin <= 1.9.6 - SQL Injection vulnerability |
| CVE-2025-23918 | 2025-01-22 | WordPress Smallerik File Browser plugin <= 1.1 - Arbitrary File Upload vulnerability |
| CVE-2025-23921 | 2025-01-22 | WordPress Multi Uploader for Gravity Forms plugin <= 1.1.3 - Arbitrary File Upload vulnerability |
| CVE-2025-23931 | 2025-01-22 | WordPress WordPress Local SEO plugin <= 2.3 - SQL Injection vulnerability |
| CVE-2025-23932 | 2025-01-22 | WordPress Quick Count Plugin <= 3.00 - PHP Object Injection vulnerability |
| CVE-2025-23938 | 2025-01-22 | WordPress Image Gallery Box by CRUDLab Plugin <= 1.0.3 - Local File Inclusion vulnerability |
| CVE-2025-23942 | 2025-01-22 | WordPress WP Load Gallery Plugin <= 2.1.6 - Arbitrary File Upload vulnerability |
| CVE-2025-23944 | 2025-01-22 | WordPress WOOEXIM Plugin <= 5.0.0 - PHP Object Injection vulnerability |
| CVE-2025-23948 | 2025-01-22 | WordPress Background animation blocks Plugin <= 2.1.5 - Local File Inclusion vulnerability |
| CVE-2025-23949 | 2025-01-22 | WordPress Improved Sale Badges – Free Version Plugin <= 1.0.1 - Local File Inclusion vulnerability |
| CVE-2025-23953 | 2025-01-22 | WordPress user files plugin <= 2.4.2 - Arbitrary File Upload vulnerability |
| CVE-2025-23959 | 2025-01-22 | WordPress Good Old Gallery Plugin <= 2.1.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23966 | 2025-01-22 | WordPress a Gateway for Pasargad Bank on WooCommerce Plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22772 | 2025-01-22 | WordPress Mapbox for WP Advanced Plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23449 | 2025-01-22 | WordPress Simple shortcode buttons plugin <= 1.3.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23462 | 2025-01-22 | WordPress FWD Slider plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23475 | 2025-01-22 | WordPress History timeline plugin <= 0.7.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23486 | 2025-01-22 | WordPress Database Sync plugin <= 0.5.1 - Sensitive Data Exposure vulnerability |
| CVE-2025-23506 | 2025-01-22 | WordPress WP IMAP Auth plugin <= 4.0.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23643 | 2025-01-22 | WordPress ReadMe Creator plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23709 | 2025-01-22 | WordPress Formatted post plugin <= 1.01 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23746 | 2025-01-22 | WordPress CMC MIGRATE plugin <= 0.0.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23768 | 2025-01-22 | WordPress InFunding plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23812 | 2025-01-22 | WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23846 | 2025-01-22 | WordPress Flexible Blogtitle Plugin <= 0.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23882 | 2025-01-22 | WordPress WP Download Codes Plugin <= 2.5.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-0604 | 2025-01-22 | Keycloak-ldap-federation: authentication bypass due to missing ldap bind after password reset in keycloak |
| CVE-2025-23992 | 2025-01-22 | WordPress Toocheke Companion plugin <= 1.166 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23809 | 2025-01-22 | WordPress Blue Wrench Video Widget Plugin <= 2.1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23914 | 2025-01-22 | WordPress Muzaara Google Ads Report Plugin <= 3.1 - PHP Object Injection vulnerability |
| CVE-2025-0638 | 2025-01-22 | Routinator crashes when illegal characters are present in manifest file names |
| CVE-2024-10929 | 2025-01-22 | Spectre-BSE |
| CVE-2024-31903 | 2025-01-22 | IBM Sterling B2B Integrator Standard Edition code execution |
| CVE-2025-20128 | 2025-01-22 | ClamAV OLE2 File Format Decryption Denial of Service Vulnerability |
| CVE-2025-20156 | 2025-01-22 | Cisco Meeting Management Client-Server Privilege Escalation Vulnerability |
| CVE-2025-20165 | 2025-01-22 | Cisco BroadWorks SIP Denial of Service Vulnerability |
| CVE-2024-51457 | 2025-01-22 | IBM Robotic Process Automation for Cloud Pak cross-site scripting |
| CVE-2025-23028 | 2025-01-22 | DoS in Cilium agent DNS proxy from crafted DNS responses |
| CVE-2025-24397 | 2025-01-22 | An incorrect permission check in Jenkins GitLab Plugin 1.9.6 and... |
| CVE-2025-24398 | 2025-01-22 | Jenkins Bitbucket Server Integration Plugin 2.1.0 through 4.1.3 (both inclusive)... |
| CVE-2025-24399 | 2025-01-22 | Jenkins OpenId Connect Authentication Plugin 4.452.v2849b_d3945fa_ and earlier, except 4.438.440.v3f5f201de5dc,... |
| CVE-2025-24400 | 2025-01-22 | Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 (both inclusive) uses... |
| CVE-2025-24401 | 2025-01-22 | Jenkins Folder-based Authorization Strategy Plugin 217.vd5b_18537403e and earlier does not... |
| CVE-2025-24402 | 2025-01-22 | A cross-site request forgery (CSRF) vulnerability in Jenkins Azure Service... |
| CVE-2025-24403 | 2025-01-22 | A missing permission check in Jenkins Azure Service Fabric Plugin... |
| CVE-2025-23047 | 2025-01-22 | Cilium vulnerable to information leakage via insecure default Hubble UI CORS header |
| CVE-2025-0651 | 2025-01-22 | File symlink abuse might lead to deleting files belonging to SYSTEM user |
| CVE-2024-11166 | 2025-01-22 | Traffic Alert and Collision Avoidance System (TCAS) II has an External Control of System or Configuration Setting vulnerability |
| CVE-2024-9310 | 2025-01-22 | Traffic Alert and Collision Avoidance System (TCAS) II has a Reliance on Untrusted Inputs in a Security Decision vulnerability |
| CVE-2025-0611 | 2025-01-22 | Object corruption in V8 in Google Chrome prior to 132.0.6834.110... |
| CVE-2025-0612 | 2025-01-22 | Out of bounds memory access in V8 in Google Chrome... |
| CVE-2024-12477 | 2025-01-22 | Avada Builder <= 3.11.11 - Authenticated (Contributor+) Stored Cross-Site Scripting in Multiple Widgets |
| CVE-2023-46400 | 2025-01-23 | KWHotel 0.47 is vulnerable to CSV Formula Injection in the... |
| CVE-2023-46401 | 2025-01-23 | KWHotel 0.47 is vulnerable to CSV Formula Injection in the... |
| CVE-2024-50664 | 2025-01-23 | gpac 2.4 contains a heap-buffer-overflow at isomedia/sample_descs.c:1799 in gf_isom_new_mpha_description in... |
| CVE-2024-50665 | 2025-01-23 | gpac 2.4 contains a SEGV at src/isomedia/drm_sample.c:1562:96 in isom_cenc_get_sai_by_saiz_saio in... |
| CVE-2024-53379 | 2025-01-23 | Heap buffer overflow in the server site handshake implementation in... |
| CVE-2024-53588 | 2025-01-23 | A DLL hijacking vulnerability in iTop VPN v16.0 allows attackers... |
| CVE-2024-53923 | 2025-01-23 | An issue was discovered in Centreon Web 24.10.x before 24.10.3,... |
| CVE-2024-55192 | 2025-01-23 | OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via... |
| CVE-2024-55193 | 2025-01-23 | OpenImageIO v3.1.0.0dev was discovered to contain a segmentation violation via... |
| CVE-2024-55194 | 2025-01-23 | OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via... |
| CVE-2024-55195 | 2025-01-23 | An allocation-size-too-big bug in the component /imagebuf.cpp of OpenImageIO v3.1.0.0dev... |
| CVE-2024-55573 | 2025-01-23 | An issue was discovered in Centreon centreon-web 24.10.x before 24.10.3,... |
| CVE-2024-55971 | 2025-01-23 | SQL Injection vulnerability in the default configuration of the Logitime... |
| CVE-2024-57326 | 2025-01-23 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in the search.php... |
| CVE-2024-57328 | 2025-01-23 | A SQL Injection vulnerability exists in the login form of... |
| CVE-2024-57329 | 2025-01-23 | HortusFox v3.9 contains a stored XSS vulnerability in the "Add... |
| CVE-2024-57386 | 2025-01-23 | Cross Site Scripting vulnerability in Wallos v.2.41.0 allows a remote... |
| CVE-2024-57556 | 2025-01-23 | Cross Site Scripting vulnerability in nbubna store v.2.14.2 and before... |
| CVE-2024-57719 | 2025-01-23 | lunasvg v3.0.0 was discovered to contain a segmentation violation via... |
| CVE-2024-57720 | 2025-01-23 | lunasvg v3.0.0 was discovered to contain a segmentation violation via... |
| CVE-2024-57721 | 2025-01-23 | lunasvg v3.0.0 was discovered to contain a segmentation violation via... |
| CVE-2024-57722 | 2025-01-23 | lunasvg v3.0.0 was discovered to contain a allocation-size-too-big bug via... |