VULNMAP - Vulnerabilità di Sicurezza

Lista CVE - 2025 / Gennaio

Visualizzazione 4201 - 4277 di 4277 CVE per Gennaio 2025 (Pagina 43 di 43)

ID CVE Data Titolo
CVE-2025-22332 2025-01-31 WordPress CloudFlare(R) Cache Purge plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-22341 2025-01-31 WordPress Hide Login+ plugin <= 3.5.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-22564 2025-01-31 WordPress Pretty Url Plugin <= 1.5.4 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-22720 2025-01-31 WordPress WpRently | WordPress plugin plugin <= 2.2.1 - Broken Access Control vulnerability
CVE-2025-22757 2025-01-31 WordPress CodeBard Help Desk plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability
CVE-2025-23976 2025-01-31 WordPress Issuu Panel plugin <= 2.1.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2025-23977 2025-01-31 WordPress Post Carousel Slider plugin <= 2.0.1 - CSRF to Stored XSS vulnerability
CVE-2025-23978 2025-01-31 WordPress FlashCounter plugin <= 1.1.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2025-23980 2025-01-31 WordPress Full Circle plugin <= 0.5.7.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CVE-2025-23985 2025-01-31 WordPress Dynamic URL SEO plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-23987 2025-01-31 WordPress Designer plugin <= 1.6.0 - Cross Site Scripting (XSS) vulnerability
CVE-2025-23989 2025-01-31 WordPress Internal Link Builder plugin <= 1.0 - CSRF to Stored XSS vulnerability
CVE-2025-23990 2025-01-31 WordPress Scroll Styler plugin <= 1.1 - CSRF to Stored XSS vulnerability
CVE-2025-23596 2025-01-31 WordPress Notifikácie.sk plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23671 2025-01-31 WordPress WP OpenSearch plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
CVE-2025-23759 2025-01-31 WordPress Affiliate Tools Việt Nam plugin <= 0.3.17 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24534 2025-01-31 WordPress DPortfolio plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24535 2025-01-31 WordPress SKT Donation plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24549 2025-01-31 WordPress Post Meta plugin <= 1.0.9 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24551 2025-01-31 WordPress Radio Buttons and Swatches for WooCommerce plugin <= 1.1.20 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24560 2025-01-31 WordPress Awesome Event Booking plugin <= 2.7.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24563 2025-01-31 WordPress Cleanup – Directory Listing & Classifieds plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24597 2025-01-31 WordPress Barcode Generator for WooCommerce plugin <= 2.0.2 - Sensitive Data Exposure vulnerability
CVE-2025-24608 2025-01-31 WordPress GD Mail Queue Plugin <= 4.3 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24609 2025-01-31 WordPress PORTONE 우커머스 결제 Plugin <= 3.2.4 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24632 2025-01-31 WordPress Advanced Dynamic Pricing for WooCommerce Plugin <= 4.9.0 -Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24635 2025-01-31 WordPress Paytm – Donation Plugin plugin <= 2.3.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24686 2025-01-31 WordPress RegistrationMagic Plugin <= 6.0.3.3 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24710 2025-01-31 WordPress Gwolle Guestbook plugin <= 4.7.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24718 2025-01-31 WordPress WP Sessions Time Monitoring Full Automatic Plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24749 2025-01-31 WordPress EZPZ SAML SP Single Sign On (SSO) plugin <= 1.2.5 - CSRF to Stored XSS vulnerability
CVE-2024-13472 2025-01-31 WooCommerce Product Table Lite <= 3.9.4 - Unauthenticated Arbitrary Shortcode Execution & Reflected Cross-Site Scripting
CVE-2024-12267 2025-01-31 Drag and Drop Multiple File Upload – Contact Form 7 <= 1.3.8.5 - Limited Arbitrary File Deletion
CVE-2024-12415 2025-01-31 AI Infographic Maker <= 4.9.0 - Unauthenticated Arbitrary Shortcode Execution
CVE-2024-13662 2025-01-31 eHive Objects Image Grid <= 2.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-12037 2025-01-31 Frontend Content Forms for User Submissions (UGC) <= 2.8.13 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-57948 2025-01-31 mac802154: check local interfaces before deleting sdata list
CVE-2025-21665 2025-01-31 filemap: avoid truncating 64-bit offset to 32 bits
CVE-2025-21666 2025-01-31 vsock: prevent null-ptr-deref in vsock_*[has_data|has_space]
CVE-2025-21667 2025-01-31 iomap: avoid avoid truncating 64-bit offset to 32 bits
CVE-2025-21668 2025-01-31 pmdomain: imx8mp-blk-ctrl: add missing loop break condition
CVE-2025-21669 2025-01-31 vsock/virtio: discard packets if the transport changes
CVE-2025-21670 2025-01-31 vsock/bpf: return early if transport is not assigned
CVE-2025-21671 2025-01-31 zram: fix potential UAF of zram table
CVE-2025-21672 2025-01-31 afs: Fix merge preference rule failure condition
CVE-2025-21673 2025-01-31 smb: client: fix double free of TCP_Server_Info::hostname
CVE-2025-21674 2025-01-31 net/mlx5e: Fix inversion dependency warning while enabling IPsec tunnel
CVE-2025-21675 2025-01-31 net/mlx5: Clear port select structure when fail to create
CVE-2025-21676 2025-01-31 net: fec: handle page_pool_dev_alloc_pages error
CVE-2025-21677 2025-01-31 pfcp: Destroy device along with udp socket's netns dismantle.
CVE-2025-21678 2025-01-31 gtp: Destroy device along with udp socket's netns dismantle.
CVE-2025-21679 2025-01-31 btrfs: add the missing error handling inside get_canonical_dev_path
CVE-2025-21680 2025-01-31 pktgen: Avoid out-of-bounds access in get_imix_entries
CVE-2025-21681 2025-01-31 openvswitch: fix lockup on tx to unregistering netdev with carrier
CVE-2025-21682 2025-01-31 eth: bnxt: always recalculate features after XDP clearing, fix null-deref
CVE-2025-21683 2025-01-31 bpf: Fix bpf_sk_select_reuseport() memory leak
CVE-2025-24831 2025-01-31 Local privilege escalation due to unquoted search path vulnerability. The...
CVE-2025-24830 2025-01-31 Local privilege escalation due to DLL hijacking vulnerability. The following...
CVE-2025-24829 2025-01-31 Local privilege escalation due to DLL hijacking vulnerability. The following...
CVE-2025-24827 2025-01-31 Local privilege escalation due to DLL hijacking vulnerability. The following...
CVE-2025-24828 2025-01-31 Local privilege escalation due to DLL hijacking vulnerability. The following...
CVE-2025-0929 2025-01-31 SQL injection vulnerability in TeamCal Neo
CVE-2025-0930 2025-01-31 Reflected Cross-Site Scripting (XSS) vulnerability in TeamCal Neo
CVE-2024-45650 2025-01-31 IBM Security Verify Directory denial of service
CVE-2024-11741 2025-01-31 Grafana is an open-source platform for monitoring and observability. The...
CVE-2023-38739 2025-01-31 IBM Sterling B2B Integrator cross-site request forgery
CVE-2024-47103 2025-01-31 IBM Sterling B2B Integrator cross-site scripting
CVE-2024-40696 2025-01-31 IBM Sterling B2B Integrator cross-site scripting
CVE-2024-49807 2025-01-31 IBM Sterling B2B Integrator cross-site scripting
CVE-2025-23215 2025-01-31 PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext
CVE-2024-45089 2025-01-31 IBM Sterling B2B Integrator information disclosure
CVE-2024-47116 2025-01-31 IBM Sterling B2B Integrator cross-site scripting
CVE-2024-49339 2025-01-31 IBM Financial Transaction Manager cross-site scripting
CVE-2024-49349 2025-01-31 IBM Financial Transaction Manager cross-site scripting
CVE-2025-0938 2025-01-31 URL parser allowed square brackets in domain names
CVE-2025-0934 2025-01-31 code-projects Job Recruitment _call_job_search_ajax.php sql injection
CVE-2025-24891 2025-01-31 Dumb Drop has an arbitrary file overwrite and path traversal for root shell