Medium - CVE-2025-5375 - A vulnerability was found in PHPGurukul...
A vulnerability was found in PHPGurukul HPGurukul Online Birth Certificate System 2.0. It has been classified as critical. Affected is an unknown function of the file /admin/registered-users.php....
Medium - CVE-2025-4691 - The Free Booking Plugin for Hotels, Restaurants...
The Free Booking Plugin for Hotels, Restaurants and Car Rentals – eaSYNC Booking plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.21...
High - CVE-2025-4857 - The Newsletters plugin for WordPress is...
The Newsletters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.9.9.9 via the 'file' parameter. This makes it possible for authenticated...
High - CVE-2025-5376 - A vulnerability was found in SourceCodester...
A vulnerability was found in SourceCodester Health Center Patient Record Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the...
Medium - CVE-2025-5377 - A vulnerability was found in Astun Technology...
A vulnerability was found in Astun Technology iShare Maps 5.4.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file historic1.asp. The manipulation...
Medium - CVE-2025-5378 - A vulnerability classified as problematic has...
A vulnerability classified as problematic has been found in Astun Technology iShare Maps 5.4.0. This affects an unknown part of the file mycouncil2.aspx. The manipulation of the argument...
High - CVE-2025-5369 - A vulnerability classified as critical has been...
A vulnerability classified as critical has been found in SourceCodester PHP Display Username After Login 1.0. Affected is an unknown function of the file /login.php. The manipulation of the...
High - CVE-2025-5370 - A vulnerability classified as critical was...
A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation...
High - CVE-2025-4103 - The WP-GeoMeta plugin for WordPress is...
The WP-GeoMeta plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the wp_ajax_wpgm_start_geojson_import() function in versions 0.3.4 to 0.3.5. This...
Medium - CVE-2025-4590 - The Daisycon prijsvergelijkers plugin for...
The Daisycon prijsvergelijkers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'daisycon_uitvaart' shortcode in all versions up to, and including,...