Latest CVE Feed
-
7.6
CVSS31CVE-2025-49034
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Funnel Builder by FunnelKit allows SQL Injection. This issue affects Funnel Builder by FunnelKit: from n/a through 3.10.2.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
6.5
CVSS31CVE-2025-49319
Missing Authorization vulnerability in WPFactory Wishlist for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wishlist for WooCommerce: from n/a through 3.2.3.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
8.5
CVSS31CVE-2025-49876
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid allows SQL Injection. This issue affects ProfileGrid : from n/a through 5.9.5.2.... Read more
Affected Products : profilegrid- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
6.5
CVSS31CVE-2025-49884
Missing Authorization vulnerability in alexvtn Internal Linking of Related Contents allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Internal Linking of Related Contents: from n/a through 1.1.8.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
7.1
CVSS31CVE-2025-49888
Missing Authorization vulnerability in pimwick PW WooCommerce On Sale! allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PW WooCommerce On Sale!: from n/a through 1.39.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
6.5
CVSS31CVE-2025-50028
Missing Authorization vulnerability in CodeSolz Ultimate Push Notifications allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ultimate Push Notifications: from n/a through 1.1.9.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
9.3
CVSS31CVE-2025-52714
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler allows SQL Injection. This issue affects Traveler: from n/a through n/a.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
7.1
CVSS31CVE-2025-52777
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmsMinds Pay with Contact Form 7 allows Reflected XSS. This issue affects Pay with Contact Form 7: from n/a through 1.0.4.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
7.1
CVSS31CVE-2025-52779
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in karimmughal Dot html,php,xml etc pages allows Reflected XSS. This issue affects Dot html,php,xml etc pages: from n/a through 1.0.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
7.1
CVSS31CVE-2025-52786
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kingdom Creation Media Folder allows Reflected XSS. This issue affects Media Folder: from n/a through 1.0.0.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
7.1
CVSS31CVE-2025-52787
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EZiHosting Tennis Court Bookings allows Reflected XSS. This issue affects Tennis Court Bookings: from n/a through 1.2.7.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
7.5
CVSS31CVE-2025-52803
Missing Authorization vulnerability in uxper Sala allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Sala: from n/a through 1.1.3.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
7.5
CVSS31CVE-2025-52804
Missing Authorization vulnerability in uxper Nuss allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Nuss: from n/a through 1.3.3.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
8.5
CVSS31CVE-2025-52819
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in pakkemx Pakke Envíos allows SQL Injection. This issue affects Pakke Envíos: from n/a through 1.0.2.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
9.8
CVSS31CVE-2025-52836
Incorrect Privilege Assignment vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP allows Privilege Escalation. This issue affects The E-Commerce ERP: from n/a through 2.1.1.3.... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
0.0
NONECVE-2025-53754
This vulnerability exists in Digisol DG-GR6821AC Router due to hard-coded Root Access Credentials in system configuration of the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and analyzing th... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
0.0
NONECVE-2025-53755
This vulnerability exists in Digisol DG-GR6821AC Router due to storage of credentials and PINS without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
0.0
NONECVE-2025-53756
This vulnerability exists in Digisol DG-GR6821AC Router due to cleartext transmission of credentials in its web management interface. A remote attacker could exploit this vulnerability by intercepting the network traffic and capturing cleartext credential... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
0.0
NONECVE-2025-53757
This vulnerability exists in Digisol DG-GR6821AC Router due to misconfiguration of both Secure and HttpOnly flags on session cookies associated with the router web interface. A remote attacker could exploit this vulnerability by capturing the session cook... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025
-
0.0
NONECVE-2025-53758
This vulnerability exists in Digisol DG-GR6821AC Router due to use of default admin credentials at its web management interface. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary d... Read more
Affected Products :- Published: Jul. 16, 2025
- Modified: Jul. 16, 2025