Searching...
Please wait while we search the database
| CVE ID | Severity | Description | Published | Actions |
|---|---|---|---|---|
|
CVE-2025-30871
|
N/A |
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel Engine WP Travel Engine allows PHP Local File Inclusion. This issue affects WP Travel Engine: from n/a through 6.3.5.
|
27 Mar 2025
|
|
|
CVE-2025-30868
|
N/A |
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in DynamicWebLab Team Manager allows PHP Local File Inclusion. This issue affects Team Manager: from n/a through 2.1.23.
|
27 Mar 2025
|
|
|
CVE-2025-30867
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SearchIQ SearchIQ allows Stored XSS. This issue affects SearchIQ: from n/a through 4.7.
|
27 Mar 2025
|
|
|
CVE-2025-30866
|
N/A |
Missing Authorization vulnerability in Giannis Kipouros Terms & Conditions Per Product allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Terms & Conditions Per Product: from n/a through 1.2.15.
|
27 Mar 2025
|
|
|
CVE-2025-30865
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in fuzzoid 3DPrint Lite allows Cross Site Request Forgery. This issue affects 3DPrint Lite: from n/a through 2.1.3.5.
|
27 Mar 2025
|
|
|
CVE-2025-30864
|
N/A |
Missing Authorization vulnerability in falselight Exchange Rates allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Exchange Rates: from n/a through 1.2.2.
|
27 Mar 2025
|
|
|
CVE-2025-30863
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms allows Cross Site Request Forgery. This issue affects Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.0.9.
|
27 Mar 2025
|
|
|
CVE-2025-30862
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi reCAPTCHA for all allows Cross Site Request Forgery. This issue affects reCAPTCHA for all: from n/a through 2.22.
|
27 Mar 2025
|
|
|
CVE-2025-30861
|
N/A |
Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.6.29.
|
27 Mar 2025
|
|
|
CVE-2025-30860
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) allows DOM-Based XSS. This issue affects Off-Canvas Sidebars & Menus (Slidebars): from n/a through 0.5.8.2.
|
27 Mar 2025
|
|
|
CVE-2025-30859
|
N/A |
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ali2woo AliNext allows Phishing. This issue affects AliNext: from n/a through 3.5.1.
|
27 Mar 2025
|
|
|
CVE-2025-30857
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in PressMaximum Currency Switcher for WooCommerce allows Stored XSS. This issue affects Currency Switcher for WooCommerce: from n/a through 0.0.7.
|
27 Mar 2025
|
|
|
CVE-2025-30856
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in theme funda Custom Field For WP Job Manager allows Cross Site Request Forgery. This issue affects Custom Field For WP Job Manager: from n/a through 1.4.
|
27 Mar 2025
|
|
|
CVE-2025-30854
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in Saso Serial Codes Generator and Validator with WooCommerce Support allows Cross Site Request Forgery. This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through 2.7.7.
|
27 Mar 2025
|
|
|
CVE-2025-30851
|
N/A |
Missing Authorization vulnerability in Tickera Tickera allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Tickera: from n/a through 3.5.5.2.
|
27 Mar 2025
|
|
|
CVE-2025-30850
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sfaerber Dr. Flex allows Stored XSS. This issue affects Dr. Flex: from n/a through 2.0.0.
|
27 Mar 2025
|
|
|
CVE-2025-30847
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashley Novelist allows Stored XSS. This issue affects Novelist: from n/a through 1.2.3.
|
27 Mar 2025
|
|
|
CVE-2025-30846
|
N/A |
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jetmonsters Restaurant Menu by MotoPress allows PHP Local File Inclusion. This issue affects Restaurant Menu by MotoPress: from n/a through 2.4.4.
|
27 Mar 2025
|
|
|
CVE-2025-30845
|
N/A |
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in webangon The Pack Elementor addons allows PHP Local File Inclusion. This issue affects The Pack Elementor addons: from n/a through 2.1.1.
|
27 Mar 2025
|
|
|
CVE-2025-30843
|
N/A |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in setriosoft bizcalendar-web allows SQL Injection. This issue affects bizcalendar-web: from n/a through 1.1.0.34.
|
27 Mar 2025
|
|
|
CVE-2025-30842
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in pixolette Christmas Panda allows Cross Site Request Forgery. This issue affects Christmas Panda: from n/a through 1.0.4.
|
27 Mar 2025
|
|
|
CVE-2025-30839
|
N/A |
Missing Authorization vulnerability in magepeopleteam Taxi Booking Manager for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Taxi Booking Manager for WooCommerce: from n/a through 1.2.1.
|
27 Mar 2025
|
|
|
CVE-2025-30838
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS. This issue affects Cozy Blocks: from n/a through 2.1.6.
|
27 Mar 2025
|
|
|
CVE-2025-30836
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LatePoint LatePoint allows Stored XSS. This issue affects LatePoint: from n/a through 5.1.6.
|
27 Mar 2025
|
|
|
CVE-2025-30833
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft LLC Verge3D allows Cross Site Request Forgery. This issue affects Verge3D: from n/a through 4.8.2.
|
27 Mar 2025
|
CVE-2025-30871
N/A
27 Mar 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Travel Engine WP Travel Engine allows PHP Local File Inclusion. This issue affects WP Travel Engine: from n/a through 6.3.5.
CVE-2025-30868
N/A
27 Mar 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in DynamicWebLab Team Manager allows PHP Local File Inclusion. This issue affects Team Manager: from n/a through 2.1.23.
CVE-2025-30867
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SearchIQ SearchIQ allows Stored XSS. This issue affects SearchIQ: from n/a through 4.7.
CVE-2025-30866
N/A
27 Mar 2025
Missing Authorization vulnerability in Giannis Kipouros Terms & Conditions Per Product allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Terms & Conditions Per Product: from n/a through 1.2.15.
CVE-2025-30865
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in fuzzoid 3DPrint Lite allows Cross Site Request Forgery. This issue affects 3DPrint Lite: from n/a through 2.1.3.5.
CVE-2025-30864
N/A
27 Mar 2025
Missing Authorization vulnerability in falselight Exchange Rates allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Exchange Rates: from n/a through 1.2.2.
CVE-2025-30863
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms allows Cross Site Request Forgery. This issue affects Integration for Google Sheets and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.0.9.
CVE-2025-30862
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi reCAPTCHA for all allows Cross Site Request Forgery. This issue affects reCAPTCHA for all: from n/a through 2.22.
CVE-2025-30861
N/A
27 Mar 2025
Missing Authorization vulnerability in Rustaurius Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.6.29.
CVE-2025-30860
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jory Hogeveen Off-Canvas Sidebars & Menus (Slidebars) allows DOM-Based XSS. This issue affects Off-Canvas Sidebars & Menus (Slidebars): from n/a through 0.5.8.2.
CVE-2025-30859
N/A
27 Mar 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ali2woo AliNext allows Phishing. This issue affects AliNext: from n/a through 3.5.1.
CVE-2025-30857
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in PressMaximum Currency Switcher for WooCommerce allows Stored XSS. This issue affects Currency Switcher for WooCommerce: from n/a through 0.0.7.
CVE-2025-30856
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in theme funda Custom Field For WP Job Manager allows Cross Site Request Forgery. This issue affects Custom Field For WP Job Manager: from n/a through 1.4.
CVE-2025-30854
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in Saso Serial Codes Generator and Validator with WooCommerce Support allows Cross Site Request Forgery. This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through 2.7.7.
CVE-2025-30851
N/A
27 Mar 2025
Missing Authorization vulnerability in Tickera Tickera allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Tickera: from n/a through 3.5.5.2.
CVE-2025-30850
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sfaerber Dr. Flex allows Stored XSS. This issue affects Dr. Flex: from n/a through 2.0.0.
CVE-2025-30847
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashley Novelist allows Stored XSS. This issue affects Novelist: from n/a through 1.2.3.
CVE-2025-30846
N/A
27 Mar 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jetmonsters Restaurant Menu by MotoPress allows PHP Local File Inclusion. This issue affects Restaurant Menu by MotoPress: from n/a through 2.4.4.
CVE-2025-30845
N/A
27 Mar 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in webangon The Pack Elementor addons allows PHP Local File Inclusion. This issue affects The Pack Elementor addons: from n/a through 2.1.1.
CVE-2025-30843
N/A
27 Mar 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in setriosoft bizcalendar-web allows SQL Injection. This issue affects bizcalendar-web: from n/a through 1.1.0.34.
CVE-2025-30842
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in pixolette Christmas Panda allows Cross Site Request Forgery. This issue affects Christmas Panda: from n/a through 1.0.4.
CVE-2025-30839
N/A
27 Mar 2025
Missing Authorization vulnerability in magepeopleteam Taxi Booking Manager for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Taxi Booking Manager for WooCommerce: from n/a through 1.2.1.
CVE-2025-30838
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS. This issue affects Cozy Blocks: from n/a through 2.1.6.
CVE-2025-30836
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LatePoint LatePoint allows Stored XSS. This issue affects LatePoint: from n/a through 5.1.6.
CVE-2025-30833
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft LLC Verge3D allows Cross Site Request Forgery. This issue affects Verge3D: from n/a through 4.8.2.
Page 342 of 693
Page 342 of 693