521
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alessandro Benoit WpDevTool allows Reflected XSS. This issue affects WpDevTool: from n/a through …
|
CWE-79
Cross-site Scripting
|
CVE-2025-23624
|
2025-01-24 01:15 |
2025-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
522
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Navnish Bhardwaj WP Social Broadcast allows Reflected XSS. This issue affects WP Social Broadcast…
|
CWE-79
Cross-site Scripting
|
CVE-2025-23545
|
2025-01-24 01:15 |
2025-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
523
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in heart5 StatPressCN allows Reflected XSS. This issue affects StatPressCN: from n/a through 1.9.1.
|
CWE-79
Cross-site Scripting
|
CVE-2025-23544
|
2025-01-24 01:15 |
2025-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
524
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in edmon Download, Downloads allows Reflected XSS. This issue affects Download, Downloads : from n/…
|
CWE-79
Cross-site Scripting
|
CVE-2025-23541
|
2025-01-24 01:15 |
2025-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
525
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mohsin khan WP Front-end login and register allows Reflected XSS. This issue affects WP Front-end…
|
CWE-79
Cross-site Scripting
|
CVE-2025-23540
|
2025-01-24 01:15 |
2025-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
526
|
- |
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in Qwerty23 Rocket Media Library Mime Type allows Stored XSS. This issue affects Rocket Media Library Mime Type: from n/a through 2.1.0.
|
CWE-352
Origin Validation Error
|
CVE-2025-22768
|
2025-01-24 01:15 |
2025-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
527
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tarak Patel WP Query Creator allows Reflected XSS. This issue affects WP Query Creator: from n/a …
|
CWE-79
Cross-site Scripting
|
CVE-2025-22264
|
2025-01-24 01:15 |
2025-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
528
|
- |
|
-
|
-
|
It has been found that the Beta10 software does not provide for proper authorisation control in multiple areas of the application. This deficiency could allow a malicious actor, without authenticatio…
|
CWE-287
Improper Authentication
|
CVE-2025-0637
|
2025-01-24 01:15 |
2025-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
529
|
- |
|
-
|
-
|
SQL Injection vulnerability in the default configuration of the Logitime WebClock application <= 5.43.0 allows an unauthenticated user to run arbitrary code on the backend database server.
|
-
|
CVE-2024-55971
|
2025-01-24 01:15 |
2025-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
530
|
- |
|
-
|
-
|
ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.
|
-
|
CVE-2024-52325
|
2025-01-24 01:15 |
2025-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|