Lista CVE - 2025 / Aprile

Visualizzazione 901 - 1000 di 4038 CVE per Aprile 2025 (Pagina 10 di 41)

Torna alla Lista Precedente Successivo

ID CVE	Data	Titolo
CVE-2025-32246	2025-04-04	WordPress 1-Click Backup & Restore Database <= 1.0.3 - Broken Access Control Vulnerability
CVE-2025-32247	2025-04-04	WordPress AI Content Creator plugin <= 1.2.6 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-32248	2025-04-04	WordPress SwiftXR (3D/AR/VR) Viewer plugin <= 1.0.7 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-32249	2025-04-04	WordPress DirectoryPress – Business Directory And Classified Ad Listing Plugin <=3.6.19 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-32251	2025-04-04	WordPress Jetpack Feedback Exporter <= 1.23 - Sensitive Data Exposure Vulnerability
CVE-2025-32252	2025-04-04	WordPress WP Genealogy plugin <= 0.1.9 - Broken Access Control vulnerability
CVE-2025-32253	2025-04-04	WordPress Course Booking System Plugin <= 6.0.5 - Broken Access Control vulnerability
CVE-2025-32254	2025-04-04	WordPress WPBookit plugin <= 1.0.1 - Broken Access Control vulnerability
CVE-2025-32255	2025-04-04	WordPress StaffList plugin <= 3.2.6 - Sensitive Data Exposure vulnerability
CVE-2025-32256	2025-04-04	WordPress SurveyJS plugin <= 1.12.20 - Broken Access Control vulnerability
CVE-2025-32257	2025-04-04	WordPress 1 Click WordPress Migration Plugin <= 2.2 - Sensitive Data Exposure vulnerability
CVE-2025-32258	2025-04-04	WordPress Simple Website Logo plugin <= 1.1 - Broken Access Control vulnerability
CVE-2025-32261	2025-04-04	WordPress Advanced All in One Admin Search by WP Spotlight <= 1.1.1 - Cross Site Request Forgery (CSRF) Vulnerability
CVE-2025-32262	2025-04-04	WordPress RDP Wiki Embed plugin <= 1.2.20 - Cross Site Request Forgery (CSRF) Vulnerability
CVE-2025-32263	2025-04-04	WordPress Sequential Order Numbers for WooCommerce plugin <= 3.6.2 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-32264	2025-04-04	WordPress UltraAddons – Elementor Addons plugin <= 2.0.0 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-32265	2025-04-04	WordPress JobWP plugin <= 2.3.9 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-32266	2025-04-04	WordPress 404 Image Redirection (Replace Broken Images) plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-32267	2025-04-04	WordPress WP to Hootsuite plugin <= 1.5.8 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-32268	2025-04-04	WordPress QR Code Tag for WC plugin <= 1.9.36 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
CVE-2025-32269	2025-04-04	WordPress WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms Plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
CVE-2025-32270	2025-04-04	WordPress Broadstreet Plugin <= 1.51.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
CVE-2025-32271	2025-04-04	WordPress Woocommerce Role Pricing Plugin <= 3.5.5 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-32272	2025-04-04	WordPress Wishlist Plugin <= 1.0.44 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-32273	2025-04-04	WordPress Freetobook Responsive Widget Plugin <= 1.1 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-32274	2025-04-04	WordPress w3all phpBB integration Plugin <= 2.9.2 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-32276	2025-04-04	WordPress Administrator Z plugin <= 2025.03.04 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-32277	2025-04-04	WordPress RepairBuddy plugin <= 3.8211 - Broken Access Control vulnerability
CVE-2025-32278	2025-04-04	WordPress Table Block by RioVizual plugin <= 2.1.7 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-32280	2025-04-04	WordPress WP Project Manager plugin <= 2.6.22 - Cross Site Request Forgery (CSRF) Vulnerability
CVE-2025-32224	2025-04-04	WordPress Privyr CRM plugin <= 1.0.1 - Broken Access Control vulnerability
CVE-2025-32239	2025-04-04	WordPress Social Share Buttons & Analytics Plugin plugin <= 4.5 - Broken Access Control vulnerability
CVE-2025-32250	2025-04-04	WordPress Rollbar plugin <= 2.7.1 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-32178	2025-04-04	WordPress 6Storage Rentals Plugin <= 2.18.0 - Broken Access Control vulnerability
CVE-2025-3254	2025-04-04	xujiangfei admintwo add server-side request forgery
CVE-2025-3255	2025-04-04	xujiangfei admintwo home access control
CVE-2025-3256	2025-04-04	xujiangfei admintwo updateSet access control
CVE-2025-3257	2025-04-04	xujiangfei admintwo updateSet cross-site request forgery
CVE-2025-3258	2025-04-04	PHPGurukul Old Age Home Management System search.php sql injection
CVE-2025-3259	2025-04-04	Tenda RX3 SetOnlineDevName formSetDeviceName stack-based overflow
CVE-2024-11235	2025-04-04	Reference counting in php_request_shutdown causes Use-After-Free
CVE-2025-3265	2025-04-04	PHPGurukul e-Diary Management System add-category.php sql injection
CVE-2025-3266	2025-04-04	qinguoyi TinyWebServer http_conn.cpp stack-based overflow
CVE-2025-3267	2025-04-04	qinguoyi TinyWebServer http_conn.cpp sql injection
CVE-2025-3268	2025-04-04	qinguoyi TinyWebServer http_conn.cpp improper authentication
CVE-2025-2889	2025-04-04	Link Library <= 7.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Link Additional Parameters
CVE-2021-47667	2025-04-05	An OS command injection vulnerability in lib/NSSDropoff.php in ZendTo 5.24-3...
CVE-2025-32352	2025-04-05	A type confusion vulnerability in lib/NSSAuthenticator.php in ZendTo before v5.04-7...
CVE-2025-32357	2025-04-05	In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge...
CVE-2025-32358	2025-04-05	In Zammad 6.4.x before 6.4.2, SSRF can occur. Authenticated admin...
CVE-2025-32359	2025-04-05	In Zammad 6.4.x before 6.4.2, there is client-side enforcement of...
CVE-2025-32360	2025-04-05	In Zammad 6.4.x before 6.4.2, there is information exposure. Only...
CVE-2025-32364	2025-04-05	A floating-point exception in the PSStack::roll function of Poppler before...
CVE-2025-32365	2025-04-05	Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds...
CVE-2025-32366	2025-04-05	In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy...
CVE-2025-1500	2025-04-05	IBM Maximo Application Suite file upload
CVE-2025-0810	2025-04-05	Read More & Accordion <= 3.4.5 - Cross-Site Request Forgery to Local File Inclusion
CVE-2024-13604	2025-04-05	KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin <= 1.7.4 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory
CVE-2025-2544	2025-04-05	AI Content Pipelines <= 1.6 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
CVE-2025-2933	2025-04-05	Email Notifications for Updates <= 1.1.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update
CVE-2024-13776	2025-04-05	ZoomSounds - WordPress Wave Audio Player with Playlist <= 6.91 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update and Settings Manipulation
CVE-2025-0839	2025-04-05	ZoomSounds <= 6.91 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
CVE-2025-1233	2025-04-05	Lafka Plugin <= 7.1.0 - Missing Authorization to Authenticated (Subscriber+) Theme Option Update
CVE-2025-2789	2025-04-05	MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution <= 4.2.19 - Missing Authorization to Unauthenticated Table Rates Deletion
CVE-2025-2941	2025-04-05	Drag and Drop Multiple File Upload for WooCommerce <= 1.1.4 - Unauthenticated Arbitrary File Move
CVE-2025-3296	2025-04-05	SourceCodester Online Eyewear Shop Users.php sql injection
CVE-2025-3297	2025-04-05	SourceCodester Online Eyewear Shop Master.php cross site scripting
CVE-2025-3298	2025-04-05	SourceCodester Online Eyewear Shop Registration Master.php access control
CVE-2025-3299	2025-04-05	PHPGurukul Men Salon Management System appointment.php sql injection
CVE-2025-30401	2025-04-05	A spoofing issue in WhatsApp for Windows prior to version...
CVE-2024-57868	2025-04-05	Web::API 2.8 and earlier for Perl uses insecure rand() function for cryptographic functions
CVE-2024-58036	2025-04-05	Net::Dropbox::API 1.9 and earlier for Perl uses insecure rand() function for cryptographic functions
CVE-2024-57835	2025-04-05	Amon2::Auth::Site::LINE versions through 0.04 for Perl uses insecure rand() function for cryptographic functions
CVE-2024-52322	2025-04-05	WebService::Xero 0.11 for Perl uses insecure rand() function for cryptographic functions
CVE-2024-56370	2025-04-05	Net::Xero 0.044 and earlier for Perl uses insecure rand() function for cryptographic functions
CVE-2025-3303	2025-04-05	code-projects Patient Record Management System birthing_record.php sql injection
CVE-2025-3304	2025-04-05	code-projects Patient Record Management System dental_not.php sql injection
CVE-2025-3305	2025-04-05	1902756969/code-projects IKUN_Library Borrow MvcConfig.java addInterceptors access control
CVE-2024-58131	2025-04-06	FISCO BCOS 3.11.0 has an issue with synchronization of the...
CVE-2024-58132	2025-04-06	In chainmaker-go (aka ChainMaker) before 2.3.6, multiple updates to a...
CVE-2024-58133	2025-04-06	In chainmaker-go (aka ChainMaker) before 2.4.0, when making frequent updates...
CVE-2025-32369	2025-04-06	Kentico Xperience before 13.0.181 allows authenticated users to distribute malicious...
CVE-2025-32370	2025-04-06	Kentico Xperience before 13.0.178 has a specific set of allowed...
CVE-2025-3306	2025-04-06	code-projects Blood Bank Management System don.php sql injection
CVE-2025-3307	2025-04-06	code-projects Blood Bank Management System reset.php sql injection
CVE-2025-3308	2025-04-06	code-projects Blood Bank Management System viewrequest.php sql injection
CVE-2025-1264	2025-04-06	Broken Link Checker by AIOSEO <= 1.2.3 - Authenticated (Contributor+) SQL Injection
CVE-2025-3309	2025-04-06	code-projects Blood Bank Management System campsdetails.php sql injection
CVE-2025-3310	2025-04-06	code-projects Blood Bank Management System delete.php sql injection
CVE-2025-3311	2025-04-06	PHPGurukul Men Salon Management System about-us.php sql injection
CVE-2025-3312	2025-04-06	PHPGurukul Men Salon Management System add-customer-services.php sql injection
CVE-2025-3313	2025-04-06	PHPGurukul Men Salon Management System add-customer.php sql injection
CVE-2025-3314	2025-04-06	SourceCodester Apartment Visitor Management System forgotpw.php sql injection
CVE-2025-3315	2025-04-06	SourceCodester Apartment Visitor Management System view-report.php sql injection
CVE-2025-3316	2025-04-06	PHPGurukul Men Salon Management System search-invoices.php sql injection
CVE-2025-3317	2025-04-06	fumiao opencms dataPage.jsp path traversal
CVE-2025-3318	2025-04-06	Kenj_Frog 肯尼基蛙 company-financial-management 公司财务管理系统 ShangpinleixingController.java page sql injection
CVE-2025-2258	2025-04-06	Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow
CVE-2025-2260	2025-04-06	Eclipse ThreadX NetX Duo HTTP component server denial of service
CVE-2025-2259	2025-04-06	Eclipse ThreadX NetX Duo component HTTP server single PUT request integer underflow