Skip to content
Toggle Navigation
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
ISO 27001 – GAP Analysis (Tool)
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Amenazas y tendencias
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Desarrollo seguro (SDLC)
Desarrollo de software seguro
Normativa y Leyes
Leyes de protección de datos
Agencias nacionales de ciberseguridad
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-53294
2025-06-27
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Smart Agenda Smart Agenda allows Stored XSS. This…
CVE-2025-53293
2025-06-27
MEDIUM
4.3
Missing Authorization vulnerability in Morten Dalgaard Johansen Dashboard Widget Sidebar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue…
CVE-2025-53292
2025-06-27
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in samsk WP DataTable allows DOM-Based XSS. This issue…
CVE-2025-53290
2025-06-27
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MS WP Visual Sitemap allows Stored XSS. This…
CVE-2025-53288
2025-06-27
MEDIUM
4.3
Missing Authorization vulnerability in Adrian Ladó PlatiOnline Payments allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PlatiOnline…
CVE-2025-53287
2025-06-27
MEDIUM
5.9
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robert Cummings Quick Favicon allows Stored XSS. This…
CVE-2025-53285
2025-06-27
MEDIUM
5.9
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The Website Flip Add & Replace Affiliate Links…
CVE-2025-53284
2025-06-27
MEDIUM
6.5
Missing Authorization vulnerability in pankaj.sakaria CMS Blocks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects CMS Blocks:…
CVE-2025-53282
2025-06-27
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aviplugins.com Thumbnail Editor allows Stored XSS. This issue…
CVE-2025-53281
2025-06-27
HIGH
7.5
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WPBean WPB Category Slider…
CVE-2025-53280
2025-06-27
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AntoineH Football Pool allows Stored XSS. This issue…
CVE-2025-53279
2025-06-27
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aman Popup addon for Ninja Forms allows DOM-Based…
CVE-2025-53278
2025-06-27
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPeka WP AdCenter allows Stored XSS. This issue…
CVE-2025-53277
2025-06-27
HIGH
8.8
Cross-Site Request Forgery (CSRF) vulnerability in Infigo Software IS-theme-companion allows Object Injection. This issue affects IS-theme-companion: from n/a through 1.57.
CVE-2025-53276
2025-06-27
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in omnipressteam Omnipress allows DOM-Based XSS. This issue affects…
CVE-2025-53275
2025-06-27
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VaultDweller Leyka allows DOM-Based XSS. This issue affects…
CVE-2025-53274
2025-06-27
HIGH
7.1
Cross-Site Request Forgery (CSRF) vulnerability in Hossin Asaadi WP Permalink Translator allows Stored XSS. This issue affects WP Permalink Translator:…
CVE-2025-53273
2025-06-27
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in Slickstream Slickstream allows Cross Site Request Forgery. This issue affects Slickstream: from n/a through…
CVE-2025-53272
2025-06-27
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in opicron Image Cleanup allows Cross Site Request Forgery. This issue affects Image Cleanup: from…
CVE-2025-53271
2025-06-27
HIGH
7.1
Cross-Site Request Forgery (CSRF) vulnerability in Anton Bond Additional Order Filters for WooCommerce allows Stored XSS. This issue affects Additional…
CVE-2025-53270
2025-06-27
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in Blend Media WordPress CTA allows Cross Site Request Forgery. This issue affects WordPress CTA:…
CVE-2025-53269
2025-06-27
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in imw3 My Wp Brand allows Cross Site Request Forgery. This issue affects My Wp…
CVE-2025-53268
2025-06-27
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in ryanpcmcquen Import external attachments allows Cross Site Request Forgery. This issue affects Import external…
CVE-2025-53267
2025-06-27
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in Aftab Husain Hide Admin Bar From Front End allows Cross Site Request Forgery. This…
CVE-2025-53266
2025-06-27
MEDIUM
4.3
Missing Authorization vulnerability in EdwardBock Cron Logger allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Cron Logger:…
CVE-2025-53265
2025-06-27
MEDIUM
5.4
Cross-Site Request Forgery (CSRF) vulnerability in Elena Yamshikova Virusdie allows Cross Site Request Forgery. This issue affects Virusdie: from n/a…
CVE-2025-53264
2025-06-27
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in Konrád Koller ONet Regenerate Thumbnails allows Cross Site Request Forgery. This issue affects ONet…
CVE-2025-53263
2025-06-27
MEDIUM
5.4
Cross-Site Request Forgery (CSRF) vulnerability in PluginsCafe Address Autocomplete via Google for Gravity Forms allows Cross Site Request Forgery. This…
CVE-2025-53262
2025-06-27
MEDIUM
5.4
Cross-Site Request Forgery (CSRF) vulnerability in Writesonic Writesonic allows Cross Site Request Forgery. This issue affects Writesonic: from n/a through…
CVE-2025-53261
2025-06-27
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in macbookandrew WP YouTube Live allows Cross Site Request Forgery. This issue affects WP YouTube…
CVE-2025-53260
2025-06-27
CRITICAL
9.1
Unrestricted Upload of File with Dangerous Type vulnerability in getredhawkstudio File Manager Plugin For Wordpress allows Upload a Web Shell…
CVE-2025-53259
2025-06-27
HIGH
7.5
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nicdark Hotel Booking allows…
CVE-2025-53258
2025-06-27
HIGH
7.6
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wow-Company Hover Effects allows SQL Injection.…
CVE-2025-53257
2025-06-27
HIGH
7.5
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Serhii Pasyuk Gmedia Photo…
CVE-2025-53256
2025-06-27
HIGH
7.6
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YayCommerce YaySMTP allows SQL Injection. This…
CVE-2025-53255
2025-06-27
MEDIUM
5.3
Missing Authorization vulnerability in Nabil Lemsieh HurryTimer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects HurryTimer: from…
CVE-2025-53254
2025-06-27
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in webcraftic Cyrlitera allows Cross Site Request Forgery. This issue affects Cyrlitera: from n/a through…
CVE-2025-53253
2025-06-27
MEDIUM
5.9
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Josh WP Edit allows Stored XSS. This issue…
CVE-2025-53211
2025-06-27
MEDIUM
5.3
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Roland Beaussant Audio Editor & Recorder allows Retrieve…
CVE-2025-53206
2025-06-27
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HT Plugins HT Mega – Absolute Addons for…
CVE-2025-53203
2025-06-27
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder allows Cross Site Request Forgery. This issue affects WooCommerce…
CVE-2025-53202
2025-06-27
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CyberChimps Responsive Blocks allows DOM-Based XSS. This issue…
CVE-2025-53200
2025-06-27
MEDIUM
4.3
Missing Authorization vulnerability in QuantumCloud ChatBot allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ChatBot: from n/a…
CVE-2025-53199
2025-06-27
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HT Plugins HT Slider For Elementor allows DOM-Based…
CVE-2025-53197
2025-06-27
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in cookiebot Cookiebot allows Cross Site Request Forgery. This issue affects Cookiebot: from n/a through…
CVE-2025-53193
2025-06-27
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in Burst Statistics B.V. Burst Statistics allows Cross Site Request Forgery. This issue affects Burst…
CVE-2025-52993
2025-06-27
MEDIUM
5.6
A race condition in the Nix, Lix, and Guix package managers enables changing the ownership of arbitrary files to the…
CVE-2025-53018
2025-06-27
LOW
3.0
Lychee is a free, open-source photo-management tool. Prior to version 6.6.13, a critical Server-Side Request Forgery (SSRF) vulnerability exists in…
CVE-2025-52992
2025-06-27
LOW
3.2
The Nix, Lix, and Guix package managers fail to properly set permissions when a derivation build fails. This may allow…
CVE-2025-52991
2025-06-27
LOW
3.2
The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This…
« Anterior
Página 221 de 3493
Siguiente »
Page load link
Go to Top
