An issue was discovered in DIR-823 firmware 20250416. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Wavlink M86X3A_V240730 contains a buffer overflow vulnerability in the /cgi-bin/ExportAllSettings.cgi file. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue in Aranda PassRecovery v1.0 allows attackers to enumerate valid user accounts in Active Directory via sending a crafted POST request to /user/existdirectory/1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PiranhaCMS 12.0 allows stored XSS in the Text content block of Standard and Standard Archive Pages via /manager/pages, enabling execution of arbitrary JavaScript in another user s browser. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Mercusys MW305R 3.30 and below is has a Transport Layer Security (TLS) certificate private key disclosure. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In DOXENSE WATCHDOC before 6.1.1.5332, Deserialization of Untrusted Data can lead to remote code execution through the .NET Remoting library in the Watchdoc administration interface. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Unrestricted Upload of File with Dangerous Type vulnerability in HaruTheme WooCommerce Designer Pro allows Upload a Web Shell to a Web Server.9.24. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.7 through publicly exposed log files. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-Site Request Forgery (CSRF) vulnerability in webandprint AR For WordPress allows Upload a Web Shell to a Web Server.98. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A security flaw has been discovered in Tencent WeKnora 0.1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A security flaw has been discovered in givanz Vvveb up to 1.0.7.2. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability has been found in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A security flaw has been discovered in code-projects E-Commerce Website 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was identified in code-projects E-Commerce Website 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A security vulnerability has been detected in Campcodes Computer Sales and Inventory System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was detected in code-projects Hostel Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A flaw has been found in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Local File Inclusion in Testimonial Slider WordPress plugin allows authenticated attackers with low-level privileges to include and execute arbitrary PHP files on the server, potentially leading to remote code execution, information disclosure, or complete site compromise. All versions through 3.5.8.6 are affected. The vulnerability requires only low-privilege authentication (PR:L) and has network attack vector (AV:N) with low complexity (AC:L), making it readily exploitable by registered users. EPSS score of 0.14% indicates low predicted exploitation probability in the wild, and no active exploitation or public POC has been identified at time of analysis.
CSRF vulnerability in Javo Core WordPress plugin (versions up to 3.0.0.266) enables attackers to bypass authentication controls and execute high-impact unauthorized actions. Despite an 8.8 CVSS score indicating critical severity across confidentiality, integrity, and availability, the 2% EPSS score (6th percentile) suggests minimal real-world exploitation activity. No active exploitation confirmed (not listed in CISA KEV). The vulnerability requires user interaction - attackers must trick authenticated administrators into visiting a malicious site or clicking a crafted link while logged into WordPress.
SQL injection in PGS Core WordPress plugin through version 5.9.0 allows authenticated attackers with low privileges to extract sensitive database contents and potentially degrade system availability. The vulnerability features low attack complexity and crosses scope boundaries (CVSS S:C), enabling lateral movement beyond the plugin's intended access boundaries. EPSS exploitation probability is minimal (0.03%, 10th percentile) and no active exploitation or public exploit code has been identified, suggesting this remains a disclosure-phase vulnerability requiring authenticated access.
SQL injection in AllInOne - Banner Rotator WordPress plugin (versions through 3.8) allows authenticated low-privilege users to execute arbitrary SQL queries with scope-changing impact on confidentiality and availability. The vulnerability requires only low-privilege authentication (PR:L) with network access and low attack complexity, enabling unauthorized database access and potential information disclosure from the WordPress installation. EPSS score of 0.03% (10th percentile) suggests low probability of mass exploitation, though the scope change (S:C) indicates impact beyond the vulnerable component. No public exploit identified at time of analysis.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup LambertGroup - AllInOne - Content Slider allows Blind SQL Injection.8. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup LambertGroup - AllInOne - Banner with Thumbnails allows Blind SQL Injection.8. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup LambertGroup - AllInOne - Banner with Playlist allows Blind SQL Injection.8. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in SeaTheme BM Content Builder allows Path Traversal. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An issue has been discovered in GitLab CE/EE affecting all versions from 14.10 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1, that could have allowed Guest users to access sensitive. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Local file inclusion in Subscribe To Unlock WordPress plugin versions up to 1.1.5 allows authenticated attackers with low privileges to include and execute arbitrary PHP files on the server, potentially leading to remote code execution, sensitive data disclosure, or full site compromise. EPSS score of 0.11% (29th percentile) indicates low probability of mass exploitation. No public exploit code or active exploitation confirmed at time of analysis.
Local file inclusion in Subscribe to Download WordPress plugin versions up to 2.0.9 allows authenticated attackers with low privileges to read arbitrary files on the server via manipulated PHP include paths. EPSS exploitation probability is low at 0.11% (29th percentile), and no active exploitation is confirmed in CISA KEV. The vulnerability requires authentication (PR:L) and high attack complexity (AC:H), limiting widespread exploitation risk despite the 7.5 CVSS score. Patchstack has documented this vulnerability, suggesting detection signatures exist for web application firewalls.
A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in shinetheme Traveler allows Exploiting Incorrectly Configured Access Control Security Levels. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Aspera HTTP Gateway 2.0.0 through 2.3.1 stores sensitive information in clear text in easily obtainable files which can be read by an unauthenticated user. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Insertion of Sensitive Information Into Sent Data vulnerability in Maciej Bis Permalink Manager Lite allows Retrieve Embedded Sensitive Data.5.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shinetheme Traveler allows Reflected XSS. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss ProfileGrid allows Reflected XSS.9.5.7. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in undsgn Uncode allows Reflected XSS. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cross-Site Request Forgery in GST for WooCommerce WordPress plugin versions ≤2.0 enables attackers to execute stored XSS attacks by tricking authenticated administrators into performing malicious actions. The vulnerability allows remote attackers to bypass authorization controls and inject persistent malicious scripts without authentication, though successful exploitation requires user interaction. EPSS score of 0.01% (3rd percentile) indicates very low observed exploitation probability in the wild, with no CISA KEV listing or confirmed active exploitation at time of analysis.
CSRF vulnerability in Flytedesk Digital WordPress plugin through version 20181101 enables stored cross-site scripting (XSS) attacks. Remote attackers can trick authenticated administrators into executing malicious requests that inject persistent JavaScript into the application, affecting site visitors. EPSS score of 0.01% indicates minimal observed exploitation activity, and no public exploit code or active exploitation has been identified at time of analysis.
Stored XSS in Conditional Cart Messages for WooCommerce (YourPlugins) through version 1.2.10 is exploitable via CSRF, allowing remote attackers to inject malicious scripts that execute in administrator contexts when victims are tricked into visiting crafted pages. The vulnerability chain requires user interaction but no authentication, enabling scope change (C) impacts across confidentiality, integrity, and availability. EPSS score of 0.01% (3rd percentile) indicates minimal observed exploitation activity, and no public exploit code or CISA KEV listing exists at time of analysis.
CSRF vulnerability in HTACCESS IP Blocker WordPress plugin enables stored XSS attacks against site administrators. Attackers can trick authenticated WordPress administrators into executing malicious actions that inject persistent JavaScript payloads through unprotected plugin endpoints. Affects all versions through 1.0. EPSS score of 0.01% (3rd percentile) suggests minimal observed exploitation attempts, though the attack requires only user interaction (UI:R) with no authentication barrier for the attacker. No active exploitation confirmed via CISA KEV at time of analysis.
Stored cross-site scripting can be injected into W3SCloud Contact Form 7 to Zoho CRM plugin for WordPress (versions through 3.0) via CSRF attack, allowing unauthenticated remote attackers to execute malicious JavaScript in administrator sessions when admins are tricked into visiting attacker-controlled pages. The vulnerability chains CSRF (CWE-352) with stored XSS, enabling privilege escalation from no access to stored administrative malicious code. EPSS score of 0.01% (3rd percentile) indicates minimal observed exploitation activity. No CISA KEV listing or public exploit code identified at time of analysis.
Cross-Site Request Forgery (CSRF) in NewsmanApp WordPress plugin versions up to 2.7.7 enables stored Cross-Site Scripting (XSS) attacks through unauthorized administrative actions. Attackers can trick authenticated administrators into executing malicious requests that inject persistent JavaScript payloads, leading to session hijacking, privilege escalation, or further compromise of WordPress sites. EPSS score of 0.01% (3rd percentile) indicates very low observed exploitation probability. No active exploitation confirmed in CISA KEV. Patchstack vulnerability database is the primary authoritative source for this disclosure.
In Seagate Toolkit on Windows a vulnerability exists in the Toolkit Installer prior to versions 2.35.0.6 where it attempts to load DLLs from the current working directory without validating their. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.
Improper Control of Generation of Code ('Code Injection') vulnerability in YayCommerce YayCurrency allows Code Injection.2. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in Jeff Farthing Theme My Login allows Exploiting Incorrectly Configured Access Control Security Levels.1.12. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Missing Authorization vulnerability in Acclectic Media Acclectic Media Organizer allows Exploiting Incorrectly Configured Access Control Security Levels.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robin W bbp topic count allows DOM-Based XSS.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Job Board Manager allows DOM-Based XSS.1.61. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in emarket-design WP Ticket Customer Service Software & Support Ticket System allows Stored XSS.0.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HT Plugins HT Feed allows Stored XSS.3.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DaganLev Simple Meta Tags allows DOM-Based XSS.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.