Lista CVE - 2025 / Marzo

Visualizzazione 2901 - 3000 di 4018 CVE per Marzo 2025 (Pagina 30 di 41)

Torna alla Lista Precedente Successivo

ID CVE	Data	Titolo
CVE-2025-2302	2025-03-25	Advanced Woo Search <= 3.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via aws_search_terms Shortcode
CVE-2025-2276	2025-03-25	Ultimate Dashboard <= 3.8.7 - Missing Authorization to Authenticated (Subscriber+) Plugin Modules Activation/Deactivation
CVE-2024-41643	2025-03-26	An issue in Arris NVG443B 9.3.0h3d36 allows a physically proximate...
CVE-2024-55963	2025-03-26	An issue was discovered in Appsmith before 1.51. A user...
CVE-2024-55964	2025-03-26	An issue was discovered in Appsmith before 1.52. An incorrectly...
CVE-2024-55965	2025-03-26	An issue was discovered in Appsmith before 1.51. Users invited...
CVE-2025-25535	2025-03-26	HTTP Response Manipulation in SCRIPT CASE v.1.0.002 Build7 allows a...
CVE-2025-26001	2025-03-26	Telesquare TLR-2005KSH 1.1.4 is vulnerable to Information Disclosure via the...
CVE-2025-26002	2025-03-26	Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized stack overflow...
CVE-2025-26003	2025-03-26	Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized command execution...
CVE-2025-26004	2025-03-26	Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack buffer overflow...
CVE-2025-26005	2025-03-26	Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack overflow vulnerability...
CVE-2025-26006	2025-03-26	Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when...
CVE-2025-26007	2025-03-26	Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability in...
CVE-2025-26008	2025-03-26	In Telesquare TLR-2005KSH 1.1.4, an unauthorized stack overflow vulnerability exists...
CVE-2025-26009	2025-03-26	Telesquare TLR-2005KSH 1.1.4 has an Information Disclosure vulnerability when requesting...
CVE-2025-26010	2025-03-26	Telesquare TLR-2005KSH 1.1.4 allows unauthorized password modification when requesting the...
CVE-2025-26011	2025-03-26	Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when...
CVE-2025-28361	2025-03-26	Unauthorized stack overflow vulnerability in Telesquare TLR-2005KSH v.1.1.4 allows a...
CVE-2025-29322	2025-03-26	A cross-site scripting (XSS) vulnerability in ScriptCase before v1.0.003 -...
CVE-2025-30073	2025-03-26	An issue was discovered in OPC cardsystems Webapp Aufwertung 2.1.0....
CVE-2025-30742	2025-03-26	httpd.c in atophttpd 2.8.0 has an off-by-one error and resultant...
CVE-2025-31160	2025-03-26	atop through 2.11.0 allows local users to cause a denial...
CVE-2025-2576	2025-03-26	Ayyash Studio <= 1.0.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
CVE-2025-2573	2025-03-26	Amazing service box Addons For WPBakery Page Builder <= 2.0.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
CVE-2025-2165	2025-03-26	SH Email Alert <= 1.0 - Reflected Cross-Site Scripting
CVE-2025-1490	2025-03-26	Smart Maintenance Mode <= 1.5.2 - Reflected Cross-Site Scripting via setstatus Parameter
CVE-2025-1784	2025-03-26	Spectra – WordPress Gutenberg Blocks <= 2.19.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2024-11847	2025-03-26	WP SVG Upload <= 1.0.0 - Author+ Stored XSS via SVG
CVE-2024-12683	2025-03-26	Smart Maintenance Mode < 1.5.2 - Admin+ Stored XSS
CVE-2024-13146	2025-03-26	Booknetic < 4.1.5 - Staff Creation via CSRF
CVE-2023-52972	2025-03-26	Huawei PCs have a vulnerability that allows low-privilege users to...
CVE-2024-30155	2025-03-26	HCL SX is susceptible to cookie with Insecure, Improper, or Missing SameSite attribute vulnerability
CVE-2025-2257	2025-03-26	Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid <= 1.16.10 - Authenticated (Admin+) Command Injection
CVE-2025-2167	2025-03-26	Event post <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2025-2009	2025-03-26	Newsletters <= 4.9.9.7 - Unauthenticated Stored Cross-Site Scripting
CVE-2025-1514	2025-03-26	Active Products Tables for WooCommerce <= 1.0.6.7 - Unauthenticated Arbitrary Filter Call
CVE-2024-13801	2025-03-26	BWL Advanced FAQ Manager <= 2.1.4 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options Update
CVE-2024-13702	2025-03-26	CRM and Lead Management by vcita <= 2.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2025-1310	2025-03-26	Jobs for WordPress <= 2.7.11 - Authenticated (Subscriber+) Arbitrary File Read
CVE-2025-1439	2025-03-26	Advanced iFrame <= 2024.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Host Header
CVE-2025-1437	2025-03-26	Advanced iFrame <= 2024.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2025-1703	2025-03-26	Ultimate Blocks <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via content Parameter
CVE-2025-1440	2025-03-26	Advanced iFrame <= 2024.5 - Unauthenticated Settings Update
CVE-2025-2596	2025-03-26	Session logout can be overwritten by long lasting request
CVE-2025-1542	2025-03-26	Improper permission control in OXARI ServiceDesk
CVE-2025-27551	2025-03-26	DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand() function for salting password hashes in Digest.pm
CVE-2025-27552	2025-03-26	DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand() function for salting password hashes in Crypt/Eksblowfish/Bcrypt.pm
CVE-2025-2110	2025-03-26	WP Compress <= 6.30.15 - Authenticated (Subscriber+) Missing Authorization via Multiple Functions
CVE-2025-1769	2025-03-26	Product Import Export for WooCommerce <= 2.5.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function
CVE-2024-13889	2025-03-26	WordPress Importer <= 0.8.3 - Authenticated (Administrator+) PHP Object Injection
CVE-2024-13411	2025-03-26	Zapier for WordPress <= 1.5.1 - Authenticated (Subscriber+) Blind Server-Side Request Forgery via updated_user Function
CVE-2025-1312	2025-03-26	Ultimate Blocks – WordPress Blocks Plugin <= 3.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2025-1912	2025-03-26	Product Import Export for WooCommerce <= 2.5.0 - Authenticated (Administrator+) Server-Side Request Forgery via validate_file Function
CVE-2025-1911	2025-03-26	Product Import Export for WooCommerce <= 2.5.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Deletion via admin_log_page Function
CVE-2025-1913	2025-03-26	Product Import Export for WooCommerce <= 2.5.0 - Authenticated (Admin+) PHP Object Injection via form_data Parameter
CVE-2025-2228	2025-03-26	Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates <= 1.6.8 - Authenticated (Contributor+) Sensitive Information Exposure
CVE-2024-45351	2025-03-26	Game center application has code execution Vulnerability
CVE-2025-23203	2025-03-26	Icinga has rest API endpoints accessible to restricted users
CVE-2022-39163	2025-03-26	IBM Cognos Controller HTTP response smuggling
CVE-2025-24808	2025-03-26	Discourse has race condition when adding users to a group DM
CVE-2025-24972	2025-03-26	Discourse may bypass user preference when adding users to chat groups
CVE-2025-27404	2025-03-26	Icinga Web 2 DOM-based XSS vulnerability
CVE-2025-22283	2025-03-26	WordPress GetSocial Plugin <= 2.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23459	2025-03-26	WordPress NS Simple Intro Loader plugin <= 2.2.3 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23460	2025-03-26	WordPress RWS Enquiry And Lead Follow-up plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23466	2025-03-26	WordPress Site Editor Google Map plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23542	2025-03-26	WordPress RDP Linkedin Login plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability
CVE-2025-23543	2025-03-26	WordPress FOMO Pay Chinese Payment Solution plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23546	2025-03-26	WordPress RDP inGroups+ plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability
CVE-2025-23612	2025-03-26	WordPress Pixobe Cartography plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23632	2025-03-26	WordPress CG Button plugin <= 1.0.5.6 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23633	2025-03-26	WordPress WP Database Audit plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23638	2025-03-26	WordPress Frontend Post Submission plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23666	2025-03-26	WordPress Management-screen-droptiles plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23680	2025-03-26	WordPress Narnoo Operator plugin <= 2.0.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23704	2025-03-26	WordPress Your Lightbox plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23714	2025-03-26	WordPress AppReview plugin <= 0.2.9 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23728	2025-03-26	WordPress AuMenu plugin <= 1.1.5 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23735	2025-03-26	WordPress Infugrator plugin <= 1.0.3 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-23937	2025-03-26	WordPress LinkedIn Lite Plugin <= 1.0 - Local File Inclusion vulnerability
CVE-2025-23952	2025-03-26	WordPress Custom Field List Widget Plugin <= 1.5.1 - Local File Inclusion vulnerability
CVE-2025-23964	2025-03-26	WordPress Google Plus Plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-24690	2025-03-26	WordPress Formality Plugin <= 1.5.7 - Local File Inclusion vulnerability
CVE-2025-25134	2025-03-26	WordPress Theme Demo Bar Plugin <= 1.6.3 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-26536	2025-03-26	WordPress Another Events Calendar Plugin <= 1.7.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-26537	2025-03-26	WordPress GDPR Tools plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability
CVE-2025-26541	2025-03-26	WordPress Bitcoin / AltCoin Payment Gateway for WooCommerce plugin <= 1.7.6 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-26542	2025-03-26	WordPress Zalo Live Chat Plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-26544	2025-03-26	WordPressUTM tags + Landing page plugin <= 1.4 - CSRF to Stored XSS vulnerability
CVE-2025-26546	2025-03-26	WordPress Cookies Pro plugin <= 1.0 - CSRF to Stored XSS vulnerability
CVE-2025-26559	2025-03-26	WordPress Secure Invites plugin <= 1.2.5 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-26560	2025-03-26	WordPress WP Contact Form III Plugin <= 1.6.2d - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-26564	2025-03-26	WordPress GNUCommerce Plugin <= 1.5.4 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-26565	2025-03-26	WordPress GNUPress Plugin <= 0.2.9 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-26566	2025-03-26	WordPress In Stock Mailer for WooCommerce Plugin <= 2.1.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-26573	2025-03-26	WordPress Rizzi Guestbook plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerability
CVE-2025-26575	2025-03-26	WordPress Display Post Meta plugin <= 1.5- Cross Site Scripting (XSS) vulnerability
CVE-2025-26576	2025-03-26	WordPress WP Simple Slideshow Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-26579	2025-03-26	WordPress MicroPayments Paid Membership plugin <= 3.1.6 - Reflected Cross-Site Scripting vulnerability