CVE ID : CVE-2025-23422 Published : Jan. 24, 2025, 11:15 a.m. | 28 minutes ago Description : Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in NotFound Store Locator allows PHP Local File Inclusion. This issue affects Store Locator: from n/a through 3.98.10. Severity: 7.5 | HIGH Visit the link for more […]
CVE ID : CVE-2024-13594 Published : Jan. 24, 2025, 11:15 a.m. | 28 minutes ago Description : The Simple Downloads List plugin for WordPress is vulnerable to SQL Injection via the ‘category’ attribute of the ‘neofix_sdl’ shortcode in all versions up to, and including, 1.4.2 due to insufficient escaping on the user supplied parameter and lack […]
The following table lists the changes that have been made to the CVE-2025-22714 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Jan. 24, 2025 Action […]
CVE ID : CVE-2024-13542 Published : Jan. 24, 2025, 11:15 a.m. | 28 minutes ago Description : The WP Google Street View (with 360° virtual tour) & Google maps + Local SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘wpgsv’ shortcode in all versions up to, and including, 1.1.3 due to […]
CVE ID : CVE-2024-13409 Published : Jan. 24, 2025, 11:15 a.m. | 28 minutes ago Description : The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.10 via the ‘theme’ parameter of the post_type_ajax_handler() […]
CVE ID : CVE-2024-13408 Published : Jan. 24, 2025, 11:15 a.m. | 28 minutes ago Description : The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.10 via the ‘theme’ attribute of the `pgcu` […]
CVE ID : CVE-2024-13354 Published : Jan. 24, 2025, 11:15 a.m. | 28 minutes ago Description : The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via HTML tags in several widgets in all versions up to, and including, 1.6.4 due to insufficient […]
CVE ID : CVE-2024-13335 Published : Jan. 24, 2025, 11:15 a.m. | 28 minutes ago Description : The Spexo Addons for Elementor – Free Elementor Addons, Widgets and Templates plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the tmpcoder_theme_install_func() function in all versions up to, and including, 1.0.14. This […]
CVE ID : CVE-2024-13583 Published : Jan. 24, 2025, 10:15 a.m. | 32 minutes ago Description : The Simple Gallery with Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘c2tw_sgwf’ shortcode in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. […]
CVE ID : CVE-2024-12494 Published : Jan. 24, 2025, 10:15 a.m. | 32 minutes ago Description : The BMLT Meeting Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘bmlt_meeting_map’ shortcode in all versions up to, and including, 2.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This […]
Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN
Company Registration Number: 5334133
Company VAT Number: 855 7246 95
