Skip to content
Toggle Navigation
Home
ISO/IEC 27001
Introducción a ISO 27001
Requisitos Normativos
Todos el contenido
Ciberseguridad
Introducción a la ciberseguridad
Defensa de sistemas informáticos
Eventos de ciberseguridad
Glosario
Todos los artículos
Vulnerabilidades CVE
Normativa y Leyes
Novedades
Contacto
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Filtrar por severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
Filtrar
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2025-24778
2025-06-06
MEDIUM
5.4
Missing Authorization vulnerability in De paragon No Spam At All allows Exploiting Incorrectly Configured Access Control Security Levels. This issue…
CVE-2025-24776
2025-06-06
MEDIUM
5.4
Missing Authorization vulnerability in codelobster Responsive Flipbooks allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Responsive Flipbooks:…
CVE-2025-24772
2025-06-06
MEDIUM
5.4
Cross-Site Request Forgery (CSRF) vulnerability in cmsMinds Pay with Contact Form 7 allows Cross Site Request Forgery. This issue affects…
CVE-2025-24763
2025-06-06
MEDIUM
5.3
Missing Authorization vulnerability in Pascal Casier bbPress API allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects bbPress…
CVE-2025-24762
2025-06-06
MEDIUM
5.4
Missing Authorization vulnerability in facturaone TicketBAI Facturas para WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects…
CVE-2025-23971
2025-06-06
MEDIUM
5.3
Missing Authorization vulnerability in whassan KI Live Video Conferences allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects…
CVE-2025-23969
2025-06-06
MEDIUM
5.3
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in whassan KI Live Video Conferences allows Retrieve Embedded…
CVE-2023-26003
2025-06-06
HIGH
7.6
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in vipul Jariwala WP Post Corrector allows…
CVE-2023-26002
2025-06-06
MEDIUM
4.3
Missing Authorization vulnerability in 6Storage 6Storage Rentals allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 6Storage Rentals:…
CVE-2023-26001
2025-06-06
MEDIUM
5.9
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marchetti Design Next Event Calendar allows Stored XSS.…
CVE-2023-26000
2025-06-06
MEDIUM
5.9
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hanhdo205 Bang tinh vay allows Stored XSS. This…
CVE-2023-25997
2025-06-06
MEDIUM
6.5
Missing Authorization vulnerability in SolaPlugins Sola Support Ticket allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sola…
CVE-2023-25995
2025-06-06
HIGH
7.5
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in choicehomemortgage AI Mortgage Calculator…
CVE-2025-5763
2025-06-06
MEDIUM
4.7
A vulnerability has been found in Tenda CP3 11.10.00.2311090948 and classified as critical. Affected by this vulnerability is the function…
CVE-2025-5762
2025-06-06
MEDIUM
6.3
A vulnerability, which was classified as critical, was found in code-projects Patient Record Management System 1.0. Affected is an unknown…
CVE-2025-5761
2025-06-06
MEDIUM
6.3
A vulnerability, which was classified as critical, has been found in PHPGurukul BP Monitoring Management System 1.0. This issue affects…
CVE-2025-5760
2025-06-06
MEDIUM
4.9
The Simple History plugin for WordPress is vulnerable to sensitive data exposure via Detective Mode due to improper sanitization within…
CVE-2025-5239
2025-06-06
MEDIUM
6.4
The Domain For Sale plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class_name’ parameter in all versions…
CVE-2025-49077
2025-06-06
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in ThemeHigh Dynamic Pricing and Discount Rules allows Cross Site Request Forgery.This issue affects Dynamic…
CVE-2025-49076
2025-06-06
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH Innovations The Plus Addons for Elementor Page…
CVE-2025-49075
2025-06-06
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Wishlist allows Stored XSS.This issue affects Wishlist:…
CVE-2025-49074
2025-06-06
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemesGrove WidgetKit allows Stored XSS.This issue affects WidgetKit:…
CVE-2025-49068
2025-06-06
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OceanWP Ocean Extra allows Stored XSS.This issue affects…
CVE-2025-49067
2025-06-06
MEDIUM
6.5
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NasaTheme Nasa Core allows Stored XSS.This issue affects…
CVE-2025-48337
2025-06-06
MEDIUM
5.3
Missing Authorization vulnerability in QuickcabWP QuickCab.This issue affects QuickCab: from n/a through 1.3.3.
CVE-2025-48335
2025-06-06
MEDIUM
5.4
Missing Authorization vulnerability in CyberChimps Responsive Plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Plus: from…
CVE-2025-48329
2025-06-06
HIGH
7.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daman Jeet Real Time Validation for Gravity Forms…
CVE-2025-48328
2025-06-06
MEDIUM
4.3
Cross-Site Request Forgery (CSRF) vulnerability in Daman Jeet Real Time Validation for Gravity Forms allows Cross Site Request Forgery.This issue…
CVE-2025-47586
2025-06-06
CRITICAL
9.0
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in StylemixThemes Motors - Events…
CVE-2025-47584
2025-06-06
HIGH
8.5
Deserialization of Untrusted Data vulnerability in ThemeGoods Photography.This issue affects Photography: from n/a through 7.5.2.
CVE-2025-41367
2025-06-06
N/A
0.0
Stored Cross-Site Scripting (XSS) vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability allows an attacker to store malicious JavaScript…
CVE-2025-41366
2025-06-06
N/A
0.0
In IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04, a configuration error has been detected in cross-origin resource sharing (CORS). Exploiting this vulnerability…
CVE-2025-41365
2025-06-06
N/A
0.0
Code injection vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability allows an attacker to store malicious payload in software…
CVE-2025-41364
2025-06-06
N/A
0.0
Stored Cross-Site Scripting (XSS) vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability allows an attacker to store malicious JavaScript…
CVE-2025-41363
2025-06-06
N/A
0.0
In IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04, a configuration error has been detected in cross-origin resource sharing (CORS). Exploiting this vulnerability…
CVE-2025-41362
2025-06-06
N/A
0.0
Code injection vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability allows an attacker to store malicious payload in software…
CVE-2025-41361
2025-06-06
N/A
0.0
Uncontrolled resource consumption vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. The devices improperly handle TLS requests associated with PROCOME sockets,…
CVE-2025-41360
2025-06-06
N/A
0.0
Uncontrolled resource consumption vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. The device is vulnerable to a packet flooding denial of…
CVE-2025-39358
2025-06-06
HIGH
8.8
Deserialization of Untrusted Data vulnerability in Teastudio.Pl WP Posts Carousel allows Object Injection.This issue affects WP Posts Carousel: from n/a…
CVE-2025-5759
2025-06-06
HIGH
7.3
A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. This vulnerability affects unknown…
CVE-2011-10007
2025-06-05
HIGH
8.8
File::Find::Rule through 0.34 for Perl is vulnerable to Arbitrary Code Execution when `grep()` encounters a crafted filename. A file handle…
CVE-2025-5702
2025-06-05
MEDIUM
5.6
The strcmp implementation optimized for the Power10 processor in the GNU C Library version 2.39 and later writes to vector…
CVE-2025-5679
2025-06-05
MEDIUM
6.3
A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected is…
CVE-2025-5677
2025-06-05
HIGH
7.3
A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. This issue affects…
CVE-2025-5676
2025-06-05
HIGH
7.3
A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been declared as critical. This vulnerability affects…
CVE-2025-5675
2025-06-05
HIGH
7.3
A vulnerability was found in Campcodes Online Teacher Record Management System 1.0. It has been classified as critical. This affects…
CVE-2025-5674
2025-06-05
MEDIUM
6.3
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this issue is…
CVE-2025-5672
2025-06-05
HIGH
8.8
A vulnerability has been found in TOTOLINK N302R Plus up to 3.4.0-B20201028 and classified as critical. Affected by this vulnerability…
CVE-2025-5671
2025-06-05
HIGH
8.8
A vulnerability, which was classified as critical, was found in TOTOLINK N302R Plus up to 3.4.0-B20201028. Affected is an unknown…
CVE-2025-46258
2025-06-05
MEDIUM
5.4
Missing Authorization vulnerability in BdThemes Element Pack Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Element Pack…
« Anterior
Página 8 de 3219
Siguiente »
Page load link
Go to Top
