Medium - CVE-2025-3780 - The WCFM – Frontend Manager for WooCommerce...
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability...
Critical - CVE-2025-4828 - The Support Board plugin for WordPress is...
The Support Board plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the sb_file_delete function in all versions up to, and including, 3.8.0....
Critical - CVE-2025-4855 - The Support Board plugin for WordPress is...
The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion of data due to use of hardcoded default secrets in the sb_encryption() function in all versions up...
Critical - CVE-2025-7206 - A vulnerability, which was classified as...
A vulnerability, which was classified as critical, has been found in D-Link DIR-825 2.10. This issue affects the function sub_410DDC of the file switch_language.cgi of the component httpd. The...
NA - CVE-2025-34077 - An authentication bypass vulnerability exists...
An authentication bypass vulnerability exists in the WordPress Pie Register plugin = 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST...
NA - CVE-2025-34083 - An unrestricted file upload vulnerability...
An unrestricted file upload vulnerability exists in the WordPress AIT CSV Import/Export plugin = 3.0.3. The plugin exposes an upload handler at upload-handler.php that allows arbitrary file upload...
NA - CVE-2025-34084 - An unauthenticated information disclosure...
An unauthenticated information disclosure vulnerability exists in the WordPress Total Upkeep plugin (also known as BoldGrid Backup) prior to version 1.14.10. The plugin exposes multiple endpoints...
NA - CVE-2025-34085 - An unrestricted file upload vulnerability in...
An unrestricted file upload vulnerability in the WordPress Simple File List plugin prior to version 4.2.3 allows unauthenticated remote attackers to achieve remote code execution. The plugin's...
Low - CVE-2025-7207 - A vulnerability, which was classified as...
A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scope_new of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs...
Medium - CVE-2025-7208 - A vulnerability was found in 9fans plan9port up...
A vulnerability was found in 9fans plan9port up to 9da5b44. It has been classified as critical. This affects the function edump in the library /src/plan9port/src/libsec/port/x509.c. The...