Latest CVE Feed
-
6.4
MEDIUMCVE-2025-8604
The WP Table Builder – WordPress Table Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wptb shortcode in all versions up to, and including, 2.0.12 due to insufficient input sanitization and output escaping on user... Read more
Affected Products : wp_table_builder- Published: Aug. 15, 2025
- Modified: Aug. 15, 2025
-
6.4
MEDIUMCVE-2025-8867
The Graphina - Elementor Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple chart widget parameters in version 3.1.3 and below. This is due to insufficient input sanitization and output escaping on user suppli... Read more
Affected Products :- Published: Aug. 15, 2025
- Modified: Aug. 15, 2025
-
6.5
MEDIUMCVE-2025-55711
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Table Builder WP Table Builder allows Stored XSS. This issue affects WP Table Builder: from n/a through 2.0.12.... Read more
Affected Products : wp_table_builder- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
8.5
HIGHCVE-2025-55708
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Systems Quiz And Survey Master allows SQL Injection. This issue affects Quiz And Survey Master: from n/a through 10.2.4.... Read more
Affected Products :- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
6.5
MEDIUMCVE-2025-54749
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Crocoblock JetProductGallery allows Stored XSS. This issue affects JetProductGallery: from n/a through 2.2.0.2.... Read more
Affected Products :- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
4.3
MEDIUMCVE-2025-53347
Cross-Site Request Forgery (CSRF) vulnerability in Laborator Kalium allows Cross Site Request Forgery. This issue affects Kalium: from n/a through 3.18.3.... Read more
Affected Products :- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
6.5
MEDIUMCVE-2025-53342
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoodLayers Modernize allows Stored XSS. This issue affects Modernize: from n/a through 3.4.0.... Read more
Affected Products :- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
4.3
MEDIUMCVE-2025-52769
Cross-Site Request Forgery (CSRF) vulnerability in flexostudio flexo-social-gallery allows Cross Site Request Forgery. This issue affects flexo-social-gallery: from n/a through 1.0006.... Read more
Affected Products :- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
6.5
MEDIUMCVE-2024-37945
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through 1.5.... Read more
Affected Products : wpbits_addons_for_elementor_page_builder- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
7.7
HIGHCVE-2025-20244
A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow a remote attacker that is authenticated as a VPN user to cause th... Read more
- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
6.0
MEDIUMCVE-2025-20238
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with ... Read more
- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
6.0
MEDIUMCVE-2025-20220
A vulnerability in the CLI of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as r... Read more
- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
8.5
HIGHCVE-2025-20148
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability is due t... Read more
Affected Products : firepower_management_center- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
4.3
MEDIUMCVE-2025-20135
A vulnerability in the DHCP client functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to exhaust available memory. ... Read more
- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
8.6
HIGHCVE-2025-20133
A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly stop responding, r... Read more
- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
5.2
MEDIUMCVE-2023-43694
An issue was discovered in Malwarebytes 4.6.14.326 and before and 5.1.5.116 and before (and Nebula 2020-10-21 and later). An Out of bounds read in several disassembling utilities causes stability issues and denial of service.... Read more
Affected Products :- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
8.7
HIGHCVE-2025-40758
A vulnerability has been identified in Mendix SAML (Mendix 10.12 compatible) (All versions < V4.0.3), Mendix SAML (Mendix 10.21 compatible) (All versions < V4.1.2), Mendix SAML (Mendix 9.24 compatible) (All versions < V3.6.21). Affected versions of the mo... Read more
Affected Products :- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
6.5
MEDIUMCVE-2025-8965
A vulnerability has been found in linlinjava litemall up to 1.8.0. This vulnerability affects the function create of the file litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java of the component Endpoint. The man... Read more
Affected Products : litemall- Published: Aug. 14, 2025
- Modified: Aug. 15, 2025
-
6.3
MEDIUMCVE-2025-8905
The Inpersttion For Theme plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0 via the theme_section_shortcode() function. This is due to the plugin not restricting what functions can be called. This makes ... Read more
Affected Products :- Published: Aug. 15, 2025
- Modified: Aug. 15, 2025
-
4.3
MEDIUMCVE-2025-8091
The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the add_single_eventon and add_eventon shortcodes due to insufficient restrictions on which posts can be included. This makes it ... Read more
Affected Products :- Published: Aug. 15, 2025
- Modified: Aug. 15, 2025