CVE-2025-2738 – PHPGurukul Old Age Home Management System SQL Injection Vulnerability
The following table lists the changes that have been made to the CVE-2025-2738 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Mar. 25, 2025 Action […]
CVE-2025-2224 – Directorist: WordPress Business Directory Plugin Unauthenticated Post Status Manipulation
CVE ID: CVE-2025-2224
Published: March 25, 2025, 6:15 a.m. | 1 hour ago
Description: The Directorist: AI-Powered Business Directory Plugin with Classified Ads Listings plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the ‘parse_query’ function in all versions up to, and including, […]
CVE-2025-0717 – Apache HTTP Server XML External Entity (XXE) Injection
The following table lists the changes that have been made to the CVE-2025-0717 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Mar. 25, 2025 Action […]
CVE-2025-1798 – Apache Struts Stored Cross-Site Scripting Vulnerability
The following table lists the changes that have been made to the CVE-2025-1798 vulnerability over time. Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics. New CVE Received by [email protected] Mar. 25, 2025 Action […]
CVE-2024-13863 – Google Sheet Reader WordPress Reflected Cross-Site Scripting
CVE ID: CVE-2024-13863
Published: March 25, 2025, 6:15 a.m. | 1 hour ago
Description: The Stylish Google Sheet Reader 4.0 WordPress plugin before 4.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such […]
CVE-2024-13617 – “WordPress aoa-downloadable File Disclosure Vulnerability”
CVE ID: CVE-2024-13617
Published: March 25, 2025, 6:15 a.m. | 1 hour ago
Description: The aoa-downloadable WordPress plugin through 0.1.0 doesn’t validate a parameter in its download function, allowing unauthenticated attackers to download arbitrary files from the server.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected […]
CVE-2025-1452 – WordPress Favorites Stored Cross-Site Scripting (XSS) Vulnerability
CVE ID: CVE-2025-1452
Published: March 25, 2025, 6:15 a.m. | 1 hour ago
Description: The Favorites WordPress plugin before 2.3.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example […]
CVE-2025-0845 – WordPress DesignThemes Core Features Stored Cross-Site Scripting Vulnerability
CVE ID: CVE-2025-0845
Published: March 25, 2025, 6:15 a.m. | 1 hour ago
Description: The DesignThemes Core Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 4.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for […]
CVE-2024-9770 – WordPress WP-Recall SQL Injection Vulnerability
CVE ID: CVE-2024-9770
Published: March 25, 2025, 6:15 a.m. | 1 hour ago
Description: The WP-Recall WordPress plugin before 16.26.12 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks.
Severity: 0.0 | NA
Visit the link for more details, such as […]
CVE-2024-13618 – WordPress aoa-downloadable File Inclusion Vulnerability
CVE ID: CVE-2024-13618
Published: March 25, 2025, 6:15 a.m. | 1 hour ago
Description: The aoa-downloadable WordPress plugin through 0.1.0 lacks authorization and authentication for requests to its download.php endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, […]