High - CVE-2025-1309 - The UiPress lite | Effortless custom...
The UiPress lite | Effortless custom dashboards, admin themes and pages plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a...
NA - CVE-2025-26331 - Dell ThinOS 2411 and prior, contains an...
Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access...
NA - CVE-2025-27816 - A vulnerability was discovered in the Arctera...
A vulnerability was discovered in the Arctera InfoScale 7.0 through 8.0.2 where a .NET remoting endpoint can be exploited due to the insecure deserialization of potentially untrusted messages. The...
High - CVE-2024-10804 - The Ultimate Video Player WordPress &...
The Ultimate Video Player WordPress & WooCommerce Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 10.0 via the content/downloader.php file....
High - CVE-2024-12035 - The CS Framework plugin for WordPress is...
The CS Framework plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the cs_widget_file_delete() function in all versions up to, and including,...
High - CVE-2024-12036 - The CS Framework plugin for WordPress is...
The CS Framework plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 6.9 via the get_widget_settings_json() function. This makes it possible for...
Medium - CVE-2024-12607 - The School Management System for Wordpress...
The School Management System for Wordpress plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter of the 'mj_smgt_show_event_task' AJAX action in all...
Medium - CVE-2024-12609 - The School Management System for Wordpress...
The School Management System for Wordpress plugin for WordPress is vulnerable to SQL Injection via the 'view-attendance' page in all versions up to, and including, 92.0.0 due to...
Medium - CVE-2024-12610 - The School Management System for Wordpress...
The School Management System for Wordpress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'mj_smgt_remove_feetype' and...
Medium - CVE-2024-12611 - The School Management System for Wordpress...
The School Management System for Wordpress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'title' parameter in all versions up to, and including, 93.0.0 due...