Alerts
4 Jul 2025
NA - CVE-2025-47634 - Missing Authorization vulnerability in Keylor...
Missing Authorization vulnerability in Keylor Mendoza WC Pickup Store allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WC Pickup Store: from n/a through...
4 Jul 2025
NA - CVE-2025-48231 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codepeople Booking Calendar Contact Form allows Stored XSS. This issue affects...
4 Jul 2025
NA - CVE-2025-49070 - Improper Control of Filename for...
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NasaTheme Elessi allows PHP Local File Inclusion. This issue...
4 Jul 2025
NA - CVE-2025-49245 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmoreira Testimonials Showcase allows Reflected XSS. This issue affects Testimonials...
4 Jul 2025
NA - CVE-2025-49247 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmoreira Team Showcase allows DOM-Based XSS. This issue affects Team Showcase: from...
4 Jul 2025
NA - CVE-2025-49274 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in awplife Neom Blog allows Reflected XSS. This issue affects Neom Blog: from n/a...
4 Jul 2025
NA - CVE-2025-49302 - Improper Control of Generation of Code...
Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson Easy Stripe allows Remote Code Inclusion. This issue affects Easy Stripe: from n/a through 1.1.
4 Jul 2025
NA - CVE-2025-49303 - Improper Limitation of a Pathname to a...
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Shabti Kaplan Frontend Admin by DynamiApps allows Path Traversal. This issue affects...
4 Jul 2025
NA - CVE-2025-49414 - Unrestricted Upload of File with Dangerous Type...
Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Gallery allows Using Malicious Files. This issue affects FW Gallery: from n/a through 8.0.0.
4 Jul 2025
NA - CVE-2025-49417 - Deserialization of Untrusted Data vulnerability...
Deserialization of Untrusted Data vulnerability in BestWpDeveloper WooCommerce Product Multi-Action allows Object Injection. This issue affects WooCommerce Product Multi-Action: from n/a through 1.3.