Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

CVE ID Publicado Severidad CVSS Descripción
CVE-2025-30634 2025-06-06 MEDIUM 5.9 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IWEBIX WP Featured Content Slider allows Stored XSS.…
CVE-2025-30632 2025-06-06 MEDIUM 5.4 Cross-Site Request Forgery (CSRF) vulnerability in pozzad Global Translator allows Cross Site Request Forgery. This issue affects Global Translator: from…
CVE-2025-30630 2025-06-06 MEDIUM 5.9 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pozzad Global Translator allows Stored XSS. This issue…
CVE-2025-30629 2025-06-06 MEDIUM 4.3 Cross-Site Request Forgery (CSRF) vulnerability in Codehaveli Bitly URL Shortener allows Cross Site Request Forgery. This issue affects Bitly URL…
CVE-2025-30627 2025-06-06 MEDIUM 5.9 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in regolithsjk Elegant Visitor Counter allows Stored XSS. This…
CVE-2025-30625 2025-06-06 MEDIUM 5.9 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt Pramschufer AppBanners allows Stored XSS. This issue…
CVE-2025-30624 2025-06-06 MEDIUM 4.3 Missing Authorization vulnerability in WordLift WordLift allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordLift: from n/a…
CVE-2025-29013 2025-06-06 MEDIUM 5.4 Missing Authorization vulnerability in faaiq Custom Category/Post Type Post order allows Exploiting Incorrectly Configured Access Control Security Levels. This issue…
CVE-2025-29011 2025-06-06 MEDIUM 6.5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CHR Designer YouTube Simple Gallery allows Stored XSS.…
CVE-2025-29010 2025-06-06 MEDIUM 4.3 Missing Authorization vulnerability in eleopard Behance Portfolio Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Behance…
CVE-2025-29008 2025-06-06 MEDIUM 4.9 Server-Side Request Forgery (SSRF) vulnerability in ShawonPro SocialMark allows Server Side Request Forgery. This issue affects SocialMark: from n/a through…
CVE-2025-29006 2025-06-06 MEDIUM 5.3 Missing Authorization vulnerability in centangle Direct Checkout for WooCommerce Lite allows Accessing Functionality Not Properly Constrained by ACLs. This issue…
CVE-2025-29005 2025-06-06 MEDIUM 4.3 Cross-Site Request Forgery (CSRF) vulnerability in weblizar HR Management Lite allows Cross Site Request Forgery. This issue affects HR Management…
CVE-2025-29003 2025-06-06 MEDIUM 6.5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mva7 The Holiday Calendar allows Stored XSS. This…
CVE-2025-28997 2025-06-06 MEDIUM 5.3 Missing Authorization vulnerability in EXEIdeas International WP AutoKeyword allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP…
CVE-2025-28996 2025-06-06 MEDIUM 4.3 Missing Authorization vulnerability in Thad Allender GPP Slideshow allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GPP…
CVE-2025-28995 2025-06-06 MEDIUM 5.3 Missing Authorization vulnerability in viralloops Viral Loops WP Integration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects…
CVE-2025-28994 2025-06-06 MEDIUM 4.3 Missing Authorization vulnerability in viralloops Viral Loops WP Integration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects…
CVE-2025-28989 2025-06-06 MEDIUM 5.9 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arildur Read More Login allows Stored XSS. This…
CVE-2025-28986 2025-06-06 HIGH 8.2 Cross-Site Request Forgery (CSRF) vulnerability in Webaholicson Epicwin Plugin allows SQL Injection. This issue affects Epicwin Plugin: from n/a through…
CVE-2025-28985 2025-06-06 MEDIUM 5.4 Missing Authorization vulnerability in Elastic Email Elastic Email Subscribe Form allows Exploiting Incorrectly Configured Access Control Security Levels. This issue…
CVE-2025-28984 2025-06-06 MEDIUM 4.3 Cross-Site Request Forgery (CSRF) vulnerability in storepro Subscription Renewal Reminders for WooCommerce allows Cross Site Request Forgery. This issue affects…
CVE-2025-28981 2025-06-06 HIGH 7.1 Cross-Site Request Forgery (CSRF) vulnerability in Soli WP Mail Options allows Stored XSS. This issue affects WP Mail Options: from…
CVE-2025-28974 2025-06-06 HIGH 7.1 Cross-Site Request Forgery (CSRF) vulnerability in mail250 Free WP Mail SMTP allows Stored XSS. This issue affects Free WP Mail…
CVE-2025-28966 2025-06-06 HIGH 7.1 Cross-Site Request Forgery (CSRF) vulnerability in dilemma123 Recent Posts Slider Responsive allows Stored XSS. This issue affects Recent Posts Slider…
CVE-2025-28964 2025-06-06 HIGH 7.1 Cross-Site Request Forgery (CSRF) vulnerability in mangup Personal Favicon allows Stored XSS. This issue affects Personal Favicon: from n/a through…
CVE-2025-28958 2025-06-06 HIGH 7.1 Cross-Site Request Forgery (CSRF) vulnerability in Vadim Bogaiskov Bg Orthodox Calendar allows Stored XSS. This issue affects Bg Orthodox Calendar:…
CVE-2025-28954 2025-06-06 HIGH 7.4 Cross-Site Request Forgery (CSRF) vulnerability in wphobby Backwp allows Path Traversal. This issue affects Backwp: from n/a through 2.0.2.
CVE-2025-28952 2025-06-06 MEDIUM 4.3 Cross-Site Request Forgery (CSRF) vulnerability in Jonathan Lau CubePoints allows Cross Site Request Forgery. This issue affects CubePoints: from n/a…
CVE-2025-28950 2025-06-06 HIGH 7.1 Cross-Site Request Forgery (CSRF) vulnerability in David Shabtai Post Author allows Stored XSS. This issue affects Post Author: from n/a…
CVE-2025-28948 2025-06-06 HIGH 7.1 Cross-Site Request Forgery (CSRF) vulnerability in codedraft Mediabay - WordPress Media Library Folders allows Reflected XSS. This issue affects Mediabay…
CVE-2025-27360 2025-06-06 MEDIUM 4.3 Cross-Site Request Forgery (CSRF) vulnerability in WP Corner Quick Event Calendar allows Cross Site Request Forgery. This issue affects Quick…
CVE-2025-27359 2025-06-06 MEDIUM 4.3 Cross-Site Request Forgery (CSRF) vulnerability in Seerox WP Media File Type Manager allows Cross Site Request Forgery. This issue affects…
CVE-2025-27334 2025-06-06 MEDIUM 6.5 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ángel C. Simple Google Static Map allows DOM-Based…
CVE-2025-26593 2025-06-06 MEDIUM 4.3 Cross-Site Request Forgery (CSRF) vulnerability in FasterThemes FastBook allows Cross Site Request Forgery. This issue affects FastBook: from n/a through…
CVE-2025-26590 2025-06-06 HIGH 7.6 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nir Complete Google Seo Scan allows…
CVE-2025-24778 2025-06-06 MEDIUM 5.4 Missing Authorization vulnerability in De paragon No Spam At All allows Exploiting Incorrectly Configured Access Control Security Levels. This issue…
CVE-2025-24776 2025-06-06 MEDIUM 5.4 Missing Authorization vulnerability in codelobster Responsive Flipbooks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Responsive Flipbooks:…
CVE-2025-24772 2025-06-06 MEDIUM 5.4 Cross-Site Request Forgery (CSRF) vulnerability in cmsMinds Pay with Contact Form 7 allows Cross Site Request Forgery. This issue affects…
CVE-2025-24763 2025-06-06 MEDIUM 5.3 Missing Authorization vulnerability in Pascal Casier bbPress API allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects bbPress…
CVE-2025-24762 2025-06-06 MEDIUM 5.4 Missing Authorization vulnerability in facturaone TicketBAI Facturas para WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects…
CVE-2025-23971 2025-06-06 MEDIUM 5.3 Missing Authorization vulnerability in whassan KI Live Video Conferences allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects…
CVE-2025-23969 2025-06-06 MEDIUM 5.3 Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in whassan KI Live Video Conferences allows Retrieve Embedded…
CVE-2023-26003 2025-06-06 HIGH 7.6 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in vipul Jariwala WP Post Corrector allows…
CVE-2023-26002 2025-06-06 MEDIUM 4.3 Missing Authorization vulnerability in 6Storage 6Storage Rentals allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 6Storage Rentals:…
CVE-2023-26001 2025-06-06 MEDIUM 5.9 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marchetti Design Next Event Calendar allows Stored XSS.…
CVE-2023-26000 2025-06-06 MEDIUM 5.9 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hanhdo205 Bang tinh vay allows Stored XSS. This…
CVE-2023-25997 2025-06-06 MEDIUM 6.5 Missing Authorization vulnerability in SolaPlugins Sola Support Ticket allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sola…
CVE-2023-25995 2025-06-06 HIGH 7.5 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in choicehomemortgage AI Mortgage Calculator…
CVE-2025-5763 2025-06-06 MEDIUM 4.7 A vulnerability has been found in Tenda CP3 11.10.00.2311090948 and classified as critical. Affected by this vulnerability is the function…
« Anterior Página 7 de 3219 Siguiente »