Lista CVE - 2025 / Aprile

Visualizzazione 2401 - 2500 di 4038 CVE per Aprile 2025 (Pagina 25 di 41)

Torna alla Lista Precedente Successivo

ID CVE	Data	Titolo
CVE-2025-3686	2025-04-16	misstt123 oasys show image path traversal
CVE-2025-3687	2025-04-16	misstt123 oasys Sticky Notes cross-site request forgery
CVE-2025-3688	2025-04-16	mirweiye Seven Bears Library CMS Background Management Page cross site scripting
CVE-2025-3689	2025-04-16	PHPGurukul Men Salon Management System edit-customer-detailed.php sql injection
CVE-2025-1980	2025-04-16	Remote Code Execution via Unrestricted File Upload in Ready_
CVE-2025-1981	2025-04-16	SQL Injection in Ready_
CVE-2025-1982	2025-04-16	Local File Inclusion in Ready_
CVE-2025-1983	2025-04-16	Stored Cross-Site Scripting in Ready_
CVE-2025-39602	2025-04-16	WordPress WooCommerce Product Table Lite plugin <= 3.9.5 - Broken Access Control vulnerability
CVE-2025-39601	2025-04-16	WordPress Custom CSS, JS & PHP plugin <= 2.4.1 - CSRF to RCE vulnerability
CVE-2025-39600	2025-04-16	WordPress Integration for WooCommerce and QuickBooks <= 1.3.1 - Cross Site Request Forgery (CSRF) Vulnerability
CVE-2025-39599	2025-04-16	WordPress Listdom <= 4.0.0 - Open Redirection Vulnerability
CVE-2025-39598	2025-04-16	WordPress Administrator Z <= 2025.03.28 - Directory Traversal Vulnerability
CVE-2025-39597	2025-04-16	WordPress Fast eBay Listings <= 2.12.15 - Open Redirection Vulnerability
CVE-2025-39593	2025-04-16	WordPress Ever Accounting <= 2.1.5 - Cross Site Request Forgery (CSRF) Vulnerability
CVE-2025-39592	2025-04-16	WordPress Subscribe to Unlock Lite <= 1.3.0 - Local File Inclusion Vulnerability
CVE-2025-39591	2025-04-16	WordPress WP Subscription Forms <= 1.2.3 - Broken Access Control Vulnerability
CVE-2025-39590	2025-04-16	WordPress Essential Addons for Elementor <= 6.1.9 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39589	2025-04-16	WordPress Essential Addons for Elementor <= 6.1.9 - Sensitive Data Exposure Vulnerability
CVE-2025-39585	2025-04-16	WordPress Travelfic Toolkit <= 1.2.1 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39584	2025-04-16	WordPress Eventin <= 4.0.25 - Local File Inclusion Vulnerability
CVE-2025-39582	2025-04-16	WordPress WP Data Access <= 5.5.36 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39581	2025-04-16	WordPress Themify Shortcodes <= 2.1.3 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39579	2025-04-16	WordPress Membership For WooCommerce <= 2.8.0 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39578	2025-04-16	WordPress Responsive Blocks <= 2.0.2 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39577	2025-04-16	WordPress PropertyHive <= 2.1.2 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39576	2025-04-16	WordPress WPAdverts <= 2.2.1 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39575	2025-04-16	WordPress WPCasa <= 1.3.2 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39574	2025-04-16	WordPress Uix Shortcodes <= 2.0.4 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39573	2025-04-16	WordPress WP Posts Carousel <= 1.3.10 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39572	2025-04-16	WordPress Checkout for PayPal <= 1.0.38 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39571	2025-04-16	WordPress WowStore <= 4.2.4 - Broken Access Control Vulnerability
CVE-2025-39570	2025-04-16	WordPress WPCOM Member <= 1.7.7 - Local File Inclusion Vulnerability
CVE-2025-39566	2025-04-16	WordPress Hostel <= 1.1.5.6 - SQL Injection Vulnerability
CVE-2025-39565	2025-04-16	WordPress MelaPress Login Security <= 2.1.0 - PHP Object Injection Vulnerability
CVE-2025-39564	2025-04-16	WordPress Conditional Shipping for WooCommerce <= 3.4.0 - Cross Site Request Forgery (CSRF) Vulnerability
CVE-2025-39563	2025-04-16	WordPress Conditional Payments for WooCommerce <= 3.3.0 - Cross Site Request Forgery (CSRF) Vulnerability
CVE-2025-39560	2025-04-16	WordPress Live Forms plugin <= 4.8.4 - Broken Access Control vulnerability
CVE-2025-39557	2025-04-16	WordPress Kadence WooCommerce Email Designer plugin <= 1.5.14 - Arbitrary File Upload vulnerability
CVE-2025-39556	2025-04-16	WordPress Mediavine Control Panel plugin <= 2.10.6 - Sensitive Data Exposure vulnerability
CVE-2025-39555	2025-04-16	WordPress Church Admin plugin <= 5.0.23 - Cross Site Scripting (XSS) vulnerability
CVE-2025-39552	2025-04-16	WordPress Zephyr Project Manager <= 3.3.200 - Broken Access Control Vulnerability
CVE-2025-39549	2025-04-16	WordPress Most And Least Read Posts Widget <= 2.5.20 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39548	2025-04-16	WordPress Right Click Disable OR Ban plugin <= 1.1.17 - CSRF to Stored XSS vulnerability
CVE-2025-39547	2025-04-16	WordPress Internal Link Optimiser plugin <= 5.1.3 - CSRF to XSS vulnerability
CVE-2025-39546	2025-04-16	WordPress ElementsReady Addons for Elementor <= 6.6.2 - Cross Site Request Forgery (CSRF) Vulnerability
CVE-2025-39545	2025-04-16	WordPress WordPress REST API Authentication <= 3.6.3 - Settings Change Vulnerability
CVE-2025-39544	2025-04-16	WordPress WP Tools plugin <= 5.18 - CSRF to Arbitrary File Deletion vulnerability
CVE-2025-39543	2025-04-16	WordPress Royal Elementor Addons plugin <= 1.3.977 - Cross Site Scripting (XSS) vulnerability
CVE-2025-39540	2025-04-16	WordPress WP Flipclock plugin <= 1.9 - Cross Site Scripting (XSS) vulnerability
CVE-2025-39538	2025-04-16	WordPress WP-Advanced-Search <= 3.3.9.3 - Arbitrary File Upload Vulnerability
CVE-2025-39531	2025-04-16	WordPress Slazzer Background Changer <= 3.14 - Broken Access Control Vulnerability
CVE-2025-39530	2025-04-16	WordPress Site Search 360 plugin <= 2.1.7 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
CVE-2025-39529	2025-04-16	WordPress Scriptless Social Sharing <= 3.2.4 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39528	2025-04-16	WordPress Rescue Shortcodes plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability
CVE-2025-39525	2025-04-16	WordPress Logo Carousel Slider <= 2.1.3 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39524	2025-04-16	WordPress Html5 Audio Player <= 2.2.28 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39522	2025-04-16	WordPress Dynamic Post <= 4.10 - Settings Change Vulnerability
CVE-2025-39520	2025-04-16	WordPress Checkout Files Upload for WooCommerce <= 2.2.0 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39518	2025-04-16	WordPress BMA Lite <= 1.4.2 - SQL Injection Vulnerability
CVE-2025-39517	2025-04-16	WordPress Basic Interactive World Map plugin <= 2.7 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
CVE-2025-39516	2025-04-16	WordPress Author WIP Progress Bar <= 1.0 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39515	2025-04-16	WordPress Attendance Manager <= 0.6.2 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39514	2025-04-16	WordPress Asgaros Forum <= 3.0.0 - Cross Site Scripting (XSS) Vulnerability
CVE-2025-39513	2025-04-16	WordPress ActiveDEMAND <= 0.2.46 - Broken Access Control Vulnerability
CVE-2025-39512	2025-04-16	WordPress Bulk Term Editor <= 1.1.4 - Cross Site Request Forgery (CSRF) Vulnerability
CVE-2025-3690	2025-04-16	PHPGurukul Men Salon Management System edit-services.php sql injection
CVE-2025-3691	2025-04-16	mirweiye Seven Bears Library CMS Add Link server-side request forgery
CVE-2025-3692	2025-04-16	SourceCodester Online Eyewear Shop Master.php cross site scripting
CVE-2025-3693	2025-04-16	Tenda W12 httpd cgiWifiRadioSet stack-based overflow
CVE-2023-53034	2025-04-16	ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans
CVE-2024-58093	2025-04-16	PCI/ASPM: Fix link state exit during switch upstream function removal
CVE-2024-58094	2025-04-16	jfs: add check read-only before truncation in jfs_truncate_nolock()
CVE-2024-58095	2025-04-16	jfs: add check read-only before txBeginAnon() call
CVE-2024-58096	2025-04-16	wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode
CVE-2024-58097	2025-04-16	wifi: ath11k: fix RCU stall while reaping monitor destination ring
CVE-2025-22024	2025-04-16	nfsd: fix management of listener transports
CVE-2025-22025	2025-04-16	nfsd: put dl_stid if fail to queue dl_recall
CVE-2025-22026	2025-04-16	nfsd: don't ignore the return code of svc_proc_register()
CVE-2025-22027	2025-04-16	media: streamzap: fix race between device disconnection and urb callback
CVE-2025-22028	2025-04-16	media: vimc: skip .s_stream() for stopped entities
CVE-2025-22030	2025-04-16	mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()
CVE-2025-22031	2025-04-16	PCI/bwctrl: Fix NULL pointer dereference on bus number exhaustion
CVE-2025-22032	2025-04-16	wifi: mt76: mt7921: fix kernel panic due to null pointer dereference
CVE-2025-22033	2025-04-16	arm64: Don't call NULL in do_compat_alignment_fixup()
CVE-2025-22034	2025-04-16	mm/gup: reject FOLL_SPLIT_PMD with hugetlb VMAs
CVE-2025-22035	2025-04-16	tracing: Fix use-after-free in print_graph_function_flags during tracer switching
CVE-2025-22036	2025-04-16	exfat: fix random stack corruption after get_block
CVE-2025-22037	2025-04-16	ksmbd: fix null pointer dereference in alloc_preauth_hash()
CVE-2025-22038	2025-04-16	ksmbd: validate zero num_subauth before sub_auth is accessed
CVE-2025-22039	2025-04-16	ksmbd: fix overflow in dacloffset bounds check
CVE-2025-22040	2025-04-16	ksmbd: fix session use-after-free in multichannel connection
CVE-2025-22041	2025-04-16	ksmbd: fix use-after-free in ksmbd_sessions_deregister()
CVE-2025-22042	2025-04-16	ksmbd: add bounds check for create lease context
CVE-2025-22043	2025-04-16	ksmbd: add bounds check for durable handle context
CVE-2025-22044	2025-04-16	acpi: nfit: fix narrowing conversion in acpi_nfit_ctl
CVE-2025-22045	2025-04-16	x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs
CVE-2025-22046	2025-04-16	uprobes/x86: Harden uretprobe syscall trampoline check
CVE-2025-22047	2025-04-16	x86/microcode/AMD: Fix __apply_microcode_amd()'s return value
CVE-2025-22048	2025-04-16	LoongArch: BPF: Don't override subprog's return value