Blueteq Shop

CVE-2025-2250 – WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugin SQL Injection

CVE ID : CVE-2025-2250 Published : March 13, 2025, 4:15 a.m. | 1 hour, 30 minutes ago Description : The WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugins plugin for WordPress is vulnerable to SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 2.32 due to insufficient escaping on the user […]

CVE-2024-13887 – WordPress Business Directory Plugin Unauthenticated Image Upload Vulnerability

CVE ID : CVE-2024-13887 Published : March 13, 2025, 4:15 a.m. | 1 hour, 30 minutes ago Description : The Business Directory Plugin – Easy Listing Directories for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.4.14 via the ‘ajax_listing_submit_image_upload’ function due to missing validation on a […]

CVE-2025-2107 – ArielBrailovsky-ViralAd SQL Injection Vulnerability

CVE ID : CVE-2025-2107 Published : March 13, 2025, 2:15 a.m. | 1 hour, 30 minutes ago Description : The ArielBrailovsky-ViralAd plugin for WordPress is vulnerable to SQL Injection via the ‘id’ parameter of the printResultAndDie() function in all versions up to, and including, 1.0.8 due to insufficient escaping on the user supplied parameter and lack of […]

CVE-2025-2106 – ArielBrailovsky-ViralAd WordPress SQL Injection Vulnerability

CVE ID : CVE-2025-2106 Published : March 13, 2025, 2:15 a.m. | 1 hour, 30 minutes ago Description : The ArielBrailovsky-ViralAd plugin for WordPress is vulnerable to SQL Injection via the ‘text’ and ‘id’ parameters of the limpia() function in all versions up to, and including, 1.0.8 due to insufficient escaping on the user supplied parameter and […]

CVE-2025-1559 – WordPress CC-IMG-Shortcode Stored Cross-Site Scripting

CVE ID : CVE-2025-1559 Published : March 13, 2025, 2:15 a.m. | 1 hour, 30 minutes ago Description : The CC-IMG-Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘img’ shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes […]

CVE-2024-13703 – “vcita WordPress Plugin Unauthorized Data Modification Vulnerability”

CVE ID : CVE-2024-13703 Published : March 13, 2025, 2:15 a.m. | 1 hour, 30 minutes ago Description : The CRM and Lead Management by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcita_ajax_toggle_ae() function in all versions up to, and including, 2.7.1. This makes it […]

Day: 13 March 2025