Lista CVE - 2025 / Giugno
Visualizzazione 3401 - 3500 di 3683 CVE per Giugno 2025 (Pagina 35 di 37)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2025-53199 | 2025-06-27 | WordPress HT Slider For Elementor plugin <= 1.6.5 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53200 | 2025-06-27 | WordPress ChatBot plugin <= 6.7.3 - Broken Access Control Vulnerability |
| CVE-2025-53202 | 2025-06-27 | WordPress Responsive Blocks plugin <= 2.0.6 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53203 | 2025-06-27 | WordPress WooCommerce PDF Invoice Builder plugin <= 1.2.148 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53206 | 2025-06-27 | WordPress HT Mega – Absolute Addons for WPBakery Page Builder plugin <= 1.0.8 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53211 | 2025-06-27 | WordPress Audio Editor & Recorder plugin <= 2.2.3 - Sensitive Data Exposure Vulnerability |
| CVE-2025-53253 | 2025-06-27 | WordPress WP Edit plugin <= 4.0.4 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53254 | 2025-06-27 | WordPress Cyrlitera plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53255 | 2025-06-27 | WordPress HurryTimer plugin <= 2.13.1 - Broken Access Control Vulnerability |
| CVE-2025-53256 | 2025-06-27 | WordPress YaySMTP plugin <= 2.6.5 - SQL Injection Vulnerability |
| CVE-2025-53257 | 2025-06-27 | WordPress Gmedia Photo Gallery plugin <= 1.23.0 - Local File Inclusion Vulnerability |
| CVE-2025-53258 | 2025-06-27 | WordPress Hover Effects plugin <= 2.1.2 - SQL Injection Vulnerability |
| CVE-2025-53259 | 2025-06-27 | WordPress Hotel Booking plugin <= 3.7 - Local File Inclusion Vulnerability |
| CVE-2025-53260 | 2025-06-27 | WordPress File Manager Plugin For Wordpress plugin <= 7.5 - Arbitrary File Upload Vulnerability |
| CVE-2025-53261 | 2025-06-27 | WordPress WP YouTube Live plugin <= 1.10.0 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53262 | 2025-06-27 | WordPress Writesonic plugin <= 1.0.4 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53263 | 2025-06-27 | WordPress Address Autocomplete via Google for Gravity Forms plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53264 | 2025-06-27 | WordPress ONet Regenerate Thumbnails plugin <= 1.5 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53265 | 2025-06-27 | WordPress Virusdie plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53266 | 2025-06-27 | WordPress Cron Logger plugin <= 1.3.0 - Broken Access Control Vulnerability |
| CVE-2025-53267 | 2025-06-27 | WordPress Hide Admin Bar From Front End plugin <= 1.0.0 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53268 | 2025-06-27 | WordPress Import external attachments plugin <= 1.5.12 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53269 | 2025-06-27 | WordPress My Wp Brand plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53270 | 2025-06-27 | WordPress CTA plugin <= 1.6.9 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53271 | 2025-06-27 | WordPress Additional Order Filters for WooCommerce plugin <= 1.22 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53272 | 2025-06-27 | WordPress Image Cleanup plugin <= 1.9.2 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53273 | 2025-06-27 | WordPress Slickstream plugin <= 2.0.3 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53274 | 2025-06-27 | WordPress WP Permalink Translator plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53275 | 2025-06-27 | WordPress Leyka plugin <= 3.31.9 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53276 | 2025-06-27 | WordPress Omnipress plugin <= 1.6.3 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53277 | 2025-06-27 | WordPress IS-theme-companion plugin <= 1.57 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53278 | 2025-06-27 | WordPress WP AdCenter plugin <= 2.6.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53279 | 2025-06-27 | WordPress Popup addon for Ninja Forms plugin <= 3.4 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53280 | 2025-06-27 | WordPress Football Pool plugin <= 2.12.5 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53281 | 2025-06-27 | WordPress WPB Category Slider for WooCommerce plugin <= 1.71 - Local File Inclusion Vulnerability |
| CVE-2025-53282 | 2025-06-27 | WordPress Thumbnail Editor plugin <= 2.3.3 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53284 | 2025-06-27 | WordPress CMS Blocks plugin <= 1.1 - Broken Access Control Vulnerability |
| CVE-2025-53285 | 2025-06-27 | WordPress Add & Replace Affiliate Links for Amazon plugin <= 1.0.6 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53287 | 2025-06-27 | WordPress Quick Favicon plugin <= 0.22.8 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53288 | 2025-06-27 | WordPress PlatiOnline Payments plugin <= 6.3.2 - Broken Access Control Vulnerability |
| CVE-2025-53290 | 2025-06-27 | WordPress WP Visual Sitemap plugin <= 1.0.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53292 | 2025-06-27 | WordPress WP DataTable plugin <= 0.2.7 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53293 | 2025-06-27 | WordPress Dashboard Widget Sidebar plugin <= 1.2.3 - Broken Access Control Vulnerability |
| CVE-2025-53294 | 2025-06-27 | WordPress Smart Agenda plugin <= 4.9 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53295 | 2025-06-27 | WordPress iCount Payment Gateway plugin <= 2.0.6 - Broken Access Control Vulnerability |
| CVE-2025-53296 | 2025-06-27 | WordPress EC Stars Rating plugin <= 1.0.11 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53298 | 2025-06-27 | WordPress Plugin Inspector plugin <= 1.5 - Arbitrary File Download Vulnerability |
| CVE-2025-53300 | 2025-06-27 | WordPress Podcast Feed Player Widget and Shortcode plugin <= 2.2.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53301 | 2025-06-27 | WordPress Theme Junkie Team Content plugin <= 0.1.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53304 | 2025-06-27 | WordPress Contact Form – 7 : Hide Success Message plugin <= 1.1.4 - Broken Access Control Vulnerability |
| CVE-2025-53305 | 2025-06-27 | WordPress WP Forum Server plugin <= 1.8.2 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53306 | 2025-06-27 | WordPress WP Forum Server plugin <= 1.8.2 - SQL Injection Vulnerability |
| CVE-2025-53308 | 2025-06-27 | WordPress Image Slider With Description plugin <= 9.2 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53309 | 2025-06-27 | WordPress Accept Stripe Payments Using Contact Form 7 plugin <= 3.0 - Sensitive Data Exposure Vulnerability |
| CVE-2025-53310 | 2025-06-27 | WordPress HidePost plugin <= 2.3.8 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53311 | 2025-06-27 | WordPress Navayan Subscribe plugin <= 1.13 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53312 | 2025-06-27 | WordPress OnionBuzz plugin <= 1.0.7 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53313 | 2025-06-27 | WordPress Twitch TV Embed Suite plugin <= 2.1.0 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53314 | 2025-06-27 | WordPress WP Optimizer plugin <= 2.3.6 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53315 | 2025-06-27 | WordPress Relocate Upload plugin <= 0.24.1 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53317 | 2025-06-27 | WordPress WPShapere Lite plugin <= 1.4 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53318 | 2025-06-27 | WordPress WP DB Booster plugin <= 1.0.1 - Broken Access Control Vulnerability |
| CVE-2025-53320 | 2025-06-27 | WordPress Free Downloads EDD plugin <= 1.0.4 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53321 | 2025-06-27 | WordPress Raise The Money plugin <= 5.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53322 | 2025-06-27 | WordPress Accept Authorize.NET Payments Using Contact Form 7 plugin <= 2.5 - Sensitive Data Exposure Vulnerability |
| CVE-2025-53323 | 2025-06-27 | WordPress Pre-Publish Post Checklist plugin <= 3.1 - Broken Access Control Vulnerability |
| CVE-2025-53325 | 2025-06-27 | WordPress Beauty Contact Popup Form plugin <= 6.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53327 | 2025-06-27 | WordPress Aioseo Multibyte Descriptions plugin <= 0.0.6 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53329 | 2025-06-27 | WordPress Społecznościowa 6 PL 2013 plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53331 | 2025-06-27 | WordPress RSS Digest plugin <= 1.5 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53332 | 2025-06-27 | WordPress Track Everything plugin <= 2.0.1 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53336 | 2025-06-27 | WordPress My Resume Builder plugin <= 1.0.3 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53338 | 2025-06-27 | WordPress re.place plugin <= 0.2.1 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-53339 | 2025-06-27 | WordPress Devnex Addons For Elementor plugin <= 1.0.9 - Local File Inclusion Vulnerability |
| CVE-2025-6768 | 2025-06-27 | sfturing hosp_order HospitalServiceImpl.java findAllHosByCondition sql injection |
| CVE-2025-36595 | 2025-06-27 | Dell Unisphere for PowerMax vApp, version(s) 9.2.4.x, contain(s) an Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') vulnerability. A high privileged attacker with remote access could potentially... |
| CVE-2023-38007 | 2025-06-27 | IBM Cloud Pak System HTML injection |
| CVE-2025-6705 | 2025-06-27 | A vulnerability in the Eclipse Open VSX Registry’s automated publishing system could have allowed unauthorized uploads of extensions. Specifically, the system’s build scripts were executed without proper isolation, potentially exposing... |
| CVE-2025-52553 | 2025-06-27 | authentik has Insufficient Session verification for Remote Access Control endpoint access |
| CVE-2025-53091 | 2025-06-27 | WeGIA has Unauthenticated Time-Based Blind SQL Injection in almox Parameter |
| CVE-2024-11739 | 2025-06-27 | SQLi in Case Informatics' Case ERP |
| CVE-2024-12364 | 2025-06-27 | SQLi in Mavi Yeşil Software's Guest Tracking Software |
| CVE-2024-12150 | 2025-06-27 | SQLi in Eron Software's Wowwo CRM |
| CVE-2025-46707 | 2025-06-27 | GPU DDK - Guest VM can override its own FW VZ connection state after the FW has close it |
| CVE-2024-12143 | 2025-06-27 | SQLi in Mobilteg Mobile Informatics' Mikro Hand Terminal - MikroDB |
| CVE-2025-46708 | 2025-06-27 | GPU DDK - Guest VM can delay the FW and GPU from processing workloads from other VMs |
| CVE-2025-6521 | 2025-06-27 | TrendMakers Sight Bulb Pro Use of a Broken or Risky Cryptographic Algorithm |
| CVE-2025-6522 | 2025-06-27 | TrendMakers Sight Bulb Pro Command Injection |
| CVE-2025-5310 | 2025-06-27 | Dover Fueling Solutions ProGauge MagLink LX Consoles Missing Authentication for Critical Function |
| CVE-2025-53093 | 2025-06-27 | TabberNeue vulnerable to Stored XSS through wikitext |
| CVE-2025-6772 | 2025-06-27 | eosphoros-ai db-gpt import import_flow path traversal |
| CVE-2025-6773 | 2025-06-27 | HKUDS LightRAG File Upload document_routes.py upload_to_input_dir path traversal |
| CVE-2025-6774 | 2025-06-27 | gooaclok819 sublinkX template.go AddTemp path traversal |
| CVE-2025-53094 | 2025-06-27 | ESPAsyncWebServer Vulnerable to CRLF Injection in AsyncWebHeader.cpp |
| CVE-2025-6775 | 2025-06-27 | xiaoyunjie openvpn-cms-flask User Creation Endpoint openvpn.py create_user command injection |
| CVE-2025-6776 | 2025-06-27 | xiaoyunjie openvpn-cms-flask File Upload controller.py upload path traversal |
| CVE-2025-6777 | 2025-06-27 | code-projects Food Distributor Site process_login.php sql injection |
| CVE-2025-6778 | 2025-06-27 | code-projects Food Distributor Site save_settings.php cross site scripting |
| CVE-2025-53097 | 2025-06-27 | Roo Code extension vulnerable to Potential Information Leakage via JSON Schema |
| CVE-2025-53098 | 2025-06-27 | Roo Code Vulnerable to Potential Remote Code Execution via Model Context Protocol |