NA - CVE-2025-27459 - The VNC application stores its passwords...
The VNC application stores its passwords encrypted within the registry but uses DES for encryption. As DES is broken, the original passwords can be recovered.
NA - CVE-2025-27460 - The hard drives of the device are not encrypted...
The hard drives of the device are not encrypted using a full volume encryption feature such as BitLocker. This allows an attacker with physical access to the device to use an alternative operating...
Medium - CVE-2025-2540 - Multiple plugins for WordPress are vulnerable...
Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled prettyPhoto library (version 3.1.6) in various versions due to insufficient input...
NA - CVE-2025-40722 - Stored Cross-Site Scripting (XSS) vulnerability...
Stored Cross-Site Scripting (XSS) vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of proper validation of user input, through the replace...
NA - CVE-2025-40723 - Stored Cross-Site Scripting (XSS) vulnerability...
Stored Cross-Site Scripting (XSS) vulnerability in versions prior to Flatboard 3.2.2 of Flatboard Pro, consisting of a stored XSS due to lack of proper validation of user input, through the...
NA - CVE-2025-6563 - A cross-site scripting vulnerability is present...
A cross-site scripting vulnerability is present in the hotspot of MikroTik's RouterOS on versions below 7.19.2. An attacker can inject the `javascript` protocol in the `dst` parameter. When...
Medium - CVE-2025-2537 - Multiple plugins for WordPress are vulnerable...
Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled ThickBox JavaScript library (version 3.1) in various versions due to insufficient input...
High - CVE-2025-2932 - The JKDEVKIT plugin for WordPress is vulnerable...
The JKDEVKIT plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'font_upload_handler' function in all versions up to, and...