Alerts
9 Jan 2025
NA - CVE-2025-22313 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Widgetize Pages Light allows Reflected XSS.This issue affects Widgetize...
9 Jan 2025
NA - CVE-2025-22330 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mahesh Waghmare MG Parallax Slider allows Reflected XSS.This issue affects MG...
9 Jan 2025
NA - CVE-2025-22331 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in P3JX Cf7Save Extension allows Reflected XSS.This issue affects Cf7Save Extension:...
9 Jan 2025
NA - CVE-2025-22345 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tobias Spiess TS Comfort DB allows Reflected XSS.This issue affects TS Comfort DB:...
9 Jan 2025
NA - CVE-2025-22361 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Opentracker Opentracker Analytics allows Reflected XSS.This issue affects Opentracker...
9 Jan 2025
NA - CVE-2025-22504 - Unrestricted Upload of File with Dangerous Type...
Unrestricted Upload of File with Dangerous Type vulnerability in jumpdemand 4ECPS Web Forms allows Upload a Web Shell to a Web Server.This issue affects 4ECPS Web Forms: from n/a through 0.2.18.
9 Jan 2025
NA - CVE-2025-22505 - Improper Neutralization of Special Elements...
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nabaraj Chapagain NC Wishlist for Woocommerce allows SQL Injection.This issue affects...
9 Jan 2025
NA - CVE-2025-22508 - Improper Control of Filename for...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Roninwp FAT Event Lite allows PHP Local File Inclusion.This issue...
9 Jan 2025
NA - CVE-2025-22510 - Deserialization of Untrusted Data vulnerability...
Deserialization of Untrusted Data vulnerability in Konrad Karpieszuk WC Price History for Omnibus allows Object Injection.This issue affects WC Price History for Omnibus: from n/a through 2.1.4.
9 Jan 2025
NA - CVE-2025-22521 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Farrell wp Hosting Performance Check allows Reflected XSS.This issue affects wp...