Riasztások
2025. Jún. 9.
NA - CVE-2025-39539 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in quitenicestuff Soho Hotel allows Reflected XSS. This issue affects Soho Hotel: from...
2025. Jún. 9.
NA - CVE-2025-45055 - Silverpeas 6.4.2 contains a stored cross-site...
Silverpeas 6.4.2 contains a stored cross-site scripting (XSS) vulnerability in the event management module. An authenticated user can upload a malicious SVG file as an event attachment, which, when...
2025. Jún. 9.
NA - CVE-2025-46178 - Cross-Site Scripting (XSS) vulnerability exists...
Cross-Site Scripting (XSS) vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context...
2025. Jún. 9.
NA - CVE-2025-47463 - Missing Authorization vulnerability in Fahad...
Missing Authorization vulnerability in Fahad Mahmood Stock Locations for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Stock Locations for...
2025. Jún. 9.
NA - CVE-2025-47477 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in revmakx Backup and Staging by WP Time Capsule allows Reflected XSS. This issue...
2025. Jún. 9.
NA - CVE-2025-47487 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in moreconvert MC Woocommerce Wishlist allows Reflected XSS. This issue affects MC...
2025. Jún. 9.
NA - CVE-2025-47511 - Improper Limitation of a Pathname to a...
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in nanbu Welcart e-Commerce allows Path Traversal. This issue affects Welcart e-Commerce: from...
2025. Jún. 9.
NA - CVE-2025-47527 - Missing Authorization vulnerability in Icegram...
Missing Authorization vulnerability in Icegram Icegram Collect – Easy Form, Lead Collection and Subscription plugin allows Exploiting Incorrectly Configured Access Control Security Levels. This...
2025. Jún. 9.
NA - CVE-2025-47561 - Incorrect Privilege Assignment vulnerability in...
Incorrect Privilege Assignment vulnerability in RomanCode MapSVG allows Privilege Escalation. This issue affects MapSVG: from n/a through 8.5.34.
2025. Jún. 9.
NA - CVE-2025-47598 - Improper Neutralization of Input During Web...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in click5 History Log by click5 allows Stored XSS. This issue affects History Log by...