Searching...
Please wait while we search the database
| CVE ID | Severity | Description | Published | Actions |
|---|---|---|---|---|
|
CVE-2025-30815
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in Saeed Sattar Beglou Hesabfa Accounting allows Cross Site Request Forgery. This issue affects Hesabfa Accounting: from n/a through 2.1.8.
|
27 Mar 2025
|
|
|
CVE-2025-30814
|
N/A |
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme The Post Grid allows PHP Local File Inclusion. This issue affects The Post Grid: from n/a through 7.7.17.
|
27 Mar 2025
|
|
|
CVE-2025-30813
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in listamester Listamester allows Stored XSS. This issue affects Listamester: from n/a through 2.3.5.
|
27 Mar 2025
|
|
|
CVE-2025-30812
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Addons for Elementor allows Stored XSS. This issue affects SKT Addons for Elementor: from n/a through 3.5.
|
27 Mar 2025
|
|
|
CVE-2025-30811
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla ValidateCertify allows Cross Site Request Forgery. This issue affects ValidateCertify: from n/a through 1.6.1.
|
27 Mar 2025
|
|
|
CVE-2025-30810
|
N/A |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in smackcoders Lead Form Data Collection to CRM allows Blind SQL Injection. This issue affects Lead Form Data Collection to CRM: from n/a through 3.0.1.
|
27 Mar 2025
|
|
|
CVE-2025-30809
|
N/A |
Missing Authorization vulnerability in Shahjada Live Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Live Forms: from n/a through 4.8.4.
|
27 Mar 2025
|
|
|
CVE-2025-30806
|
N/A |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Constantin Boiangiu Vimeotheque allows SQL Injection. This issue affects Vimeotheque: from n/a through 2.3.4.2.
|
27 Mar 2025
|
|
|
CVE-2025-30805
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in wpdesk Flexible Cookies allows Cross Site Request Forgery. This issue affects Flexible Cookies: from n/a through 1.1.8.
|
27 Mar 2025
|
|
|
CVE-2025-30804
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in maennchen1.de wpShopGermany IT-RECHT KANZLEI allows Cross Site Request Forgery. This issue affects wpShopGermany IT-RECHT KANZLEI: from n/a through 2.0.
|
27 Mar 2025
|
|
|
CVE-2025-30803
|
N/A |
Missing Authorization vulnerability in Greg Ross Just Writing Statistics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Just Writing Statistics: from n/a through 5.3.
|
27 Mar 2025
|
|
|
CVE-2025-30801
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in Abu Bakar TWB Woocommerce Reviews allows Cross Site Request Forgery. This issue affects TWB Woocommerce Reviews: from n/a through 1.7.7.
|
27 Mar 2025
|
|
|
CVE-2025-30800
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atawai Gum Elementor Addon allows Stored XSS. This issue affects Gum Elementor Addon: from n/a through 1.3.10.
|
27 Mar 2025
|
|
|
CVE-2025-30799
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pagup WP Google Street View allows Stored XSS. This issue affects WP Google Street View: from n/a through 1.1.5.
|
27 Mar 2025
|
|
|
CVE-2025-30795
|
N/A |
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FunnelKit Automation By Autonami allows Phishing. This issue affects Automation By Autonami: from n/a through 3.5.1.
|
27 Mar 2025
|
|
|
CVE-2025-30792
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zumbo Comment Approved Notifier Extended allows Stored XSS. This issue affects Comment Approved Notifier Extended: from n/a through 5.2.
|
27 Mar 2025
|
|
|
CVE-2025-30791
|
N/A |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdever Cart tracking for WooCommerce allows SQL Injection. This issue affects Cart tracking for WooCommerce: from n/a through 1.0.16.
|
27 Mar 2025
|
|
|
CVE-2025-30790
|
N/A |
Missing Authorization vulnerability in alexvtn Chatbox Manager allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Chatbox Manager: from n/a through 1.2.2.
|
27 Mar 2025
|
|
|
CVE-2025-30789
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in clearoutio Clearout Email Validator allows Stored XSS. This issue affects Clearout Email Validator: from n/a through 3.2.0.
|
27 Mar 2025
|
|
|
CVE-2025-30788
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup allows SQL Injection. This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through 5.25.08.
|
27 Mar 2025
|
|
|
CVE-2025-30787
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup allows Stored XSS. This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through 5.25.08.
|
27 Mar 2025
|
|
|
CVE-2025-30786
|
N/A |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in oooorgle Quotes llama allows DOM-Based XSS. This issue affects Quotes llama: from n/a through 3.1.0.
|
27 Mar 2025
|
|
|
CVE-2025-30785
|
N/A |
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Shuffle Subscribe to Download Lite allows PHP Local File Inclusion. This issue affects Subscribe to Download Lite: from n/a through 1.2.9.
|
27 Mar 2025
|
|
|
CVE-2025-30784
|
N/A |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Shuffle WP Subscription Forms allows SQL Injection. This issue affects WP Subscription Forms: from n/a through 1.2.3.
|
27 Mar 2025
|
|
|
CVE-2025-30783
|
N/A |
Cross-Site Request Forgery (CSRF) vulnerability in jgwhite33 WP Google Review Slider allows SQL Injection. This issue affects WP Google Review Slider: from n/a through 16.0.
|
27 Mar 2025
|
CVE-2025-30815
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in Saeed Sattar Beglou Hesabfa Accounting allows Cross Site Request Forgery. This issue affects Hesabfa Accounting: from n/a through 2.1.8.
CVE-2025-30814
N/A
27 Mar 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme The Post Grid allows PHP Local File Inclusion. This issue affects The Post Grid: from n/a through 7.7.17.
CVE-2025-30813
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in listamester Listamester allows Stored XSS. This issue affects Listamester: from n/a through 2.3.5.
CVE-2025-30812
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Addons for Elementor allows Stored XSS. This issue affects SKT Addons for Elementor: from n/a through 3.5.
CVE-2025-30811
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla ValidateCertify allows Cross Site Request Forgery. This issue affects ValidateCertify: from n/a through 1.6.1.
CVE-2025-30810
N/A
27 Mar 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in smackcoders Lead Form Data Collection to CRM allows Blind SQL Injection. This issue affects Lead Form Data Collection to CRM: from n/a through 3.0.1.
CVE-2025-30809
N/A
27 Mar 2025
Missing Authorization vulnerability in Shahjada Live Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Live Forms: from n/a through 4.8.4.
CVE-2025-30806
N/A
27 Mar 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Constantin Boiangiu Vimeotheque allows SQL Injection. This issue affects Vimeotheque: from n/a through 2.3.4.2.
CVE-2025-30805
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in wpdesk Flexible Cookies allows Cross Site Request Forgery. This issue affects Flexible Cookies: from n/a through 1.1.8.
CVE-2025-30804
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in maennchen1.de wpShopGermany IT-RECHT KANZLEI allows Cross Site Request Forgery. This issue affects wpShopGermany IT-RECHT KANZLEI: from n/a through 2.0.
CVE-2025-30803
N/A
27 Mar 2025
Missing Authorization vulnerability in Greg Ross Just Writing Statistics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Just Writing Statistics: from n/a through 5.3.
CVE-2025-30801
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in Abu Bakar TWB Woocommerce Reviews allows Cross Site Request Forgery. This issue affects TWB Woocommerce Reviews: from n/a through 1.7.7.
CVE-2025-30800
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atawai Gum Elementor Addon allows Stored XSS. This issue affects Gum Elementor Addon: from n/a through 1.3.10.
CVE-2025-30799
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pagup WP Google Street View allows Stored XSS. This issue affects WP Google Street View: from n/a through 1.1.5.
CVE-2025-30795
N/A
27 Mar 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FunnelKit Automation By Autonami allows Phishing. This issue affects Automation By Autonami: from n/a through 3.5.1.
CVE-2025-30792
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zumbo Comment Approved Notifier Extended allows Stored XSS. This issue affects Comment Approved Notifier Extended: from n/a through 5.2.
CVE-2025-30791
N/A
27 Mar 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdever Cart tracking for WooCommerce allows SQL Injection. This issue affects Cart tracking for WooCommerce: from n/a through 1.0.16.
CVE-2025-30790
N/A
27 Mar 2025
Missing Authorization vulnerability in alexvtn Chatbox Manager allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Chatbox Manager: from n/a through 1.2.2.
CVE-2025-30789
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in clearoutio Clearout Email Validator allows Stored XSS. This issue affects Clearout Email Validator: from n/a through 3.2.0.
CVE-2025-30788
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup allows SQL Injection. This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through 5.25.08.
CVE-2025-30787
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL Reports Shortcode Widget and DB Backup allows Stored XSS. This issue affects EZ SQL Reports Shortcode Widget and DB Backup: from n/a through 5.25.08.
CVE-2025-30786
N/A
27 Mar 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in oooorgle Quotes llama allows DOM-Based XSS. This issue affects Quotes llama: from n/a through 3.1.0.
CVE-2025-30785
N/A
27 Mar 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Shuffle Subscribe to Download Lite allows PHP Local File Inclusion. This issue affects Subscribe to Download Lite: from n/a through 1.2.9.
CVE-2025-30784
N/A
27 Mar 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Shuffle WP Subscription Forms allows SQL Injection. This issue affects WP Subscription Forms: from n/a through 1.2.3.
CVE-2025-30783
N/A
27 Mar 2025
Cross-Site Request Forgery (CSRF) vulnerability in jgwhite33 WP Google Review Slider allows SQL Injection. This issue affects WP Google Review Slider: from n/a through 16.0.
Page 343 of 693
Page 343 of 693