High - CVE-2025-7467 - A vulnerability, which was classified as...
A vulnerability, which was classified as critical, was found in code-projects Modern Bag 1.0. This affects an unknown part of the file /product-detail.php. The manipulation of the argument ID leads...
High - CVE-2025-7468 - A vulnerability has been found in Tenda FH1201...
A vulnerability has been found in Tenda FH1201 1.2.0.14 and classified as critical. This vulnerability affects the function fromSafeUrlFilter of the file /goform/fromSafeUrlFilter of the component...
High - CVE-2025-7504 - The Friends plugin for WordPress is vulnerable...
The Friends plugin for WordPress is vulnerable to PHP Object Injection in version 3.5.1 via deserialization of untrusted input of the query_vars parameter This makes it possible for authenticated...
Critical - CVE-2020-36847 - The Simple-File-List Plugin for WordPress is...
The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a...
Medium - CVE-2025-7518 - The RSFirewall! plugin for WordPress is...
The RSFirewall! plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.1.42 via the get_local_filename() function. This makes it possible for authenticated...
High - CVE-2025-7469 - A vulnerability was found in Campcodes Sales...
A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /pages/product_add.php. The manipulation of...
High - CVE-2025-7470 - A vulnerability was found in Campcodes Sales...
A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been classified as critical. Affected is an unknown function of the file /pages/product_add.php. The manipulation of...
High - CVE-2020-36848 - The Total Upkeep – WordPress Backup Plugin plus...
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.14.9 via...
Critical - CVE-2020-36849 - The AIT CSV import/export plugin for WordPress...
The AIT CSV import/export plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the /wp-content/plugins/ait-csv-import-export/admin/upload-handler.php...
Medium - CVE-2021-4458 - The Modern Events Calendar Lite plugin for...
The Modern Events Calendar Lite plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter of the 'wp_ajax_mec_load_single_page' AJAX action in all versions up...