26 matches found
CVE-2026-25025 WordPress VikRestaurants plugin <= 1.5.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e4jvikwp VikRestaurants vikrestaurants allows Reflected XSS. This issue affects VikRestaurants: from n/a through <= 1.5.2...
CVE-2023-25025
Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions...
Linux Distros Unpatched Vulnerability : CVE-2018-25025
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption...
Linux Distros Unpatched Vulnerability : CVE-2019-25025
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The activerecord-sessionstore (aka Active Record Session Store) component through 1.1.3 for Ruby on Rails does not use a constant-time approach when delivering...
CVE-2025-25025
IBM Security Guardium 12.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...
CVE-2025-25025
creationtimestamp | type | source
---|---|---
2025-05-28 02:00:04+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq746hd4r552
2025-05-28 03:41:35+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lq7bum4yql2m
...
CVE-2025-25025 IBM Security Guardium information disclosure
IBM Security Guardium 12.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...
CVE-2025-25025 IBM Security Guardium information disclosure
IBM Security Guardium 12.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...
CVE-2021-25025
The EventCalendar WordPress plugin before 1.1.51 does not have proper authorisation and CSRF checks in the add_calendar_event AJAX actions, allowing users with a role as low as subscriber to create events...
CVE-2020-25025
The l10nmgr (aka Localization Manager) extension before 7.4.0, 8.x before 8.7.0, and 9.x before 9.2.0 for TYPO3 allows Information Disclosure (translatable fields)...
CVE-2018-25025
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption...
CVE-2024-7600 Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability
Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability. This vulnerability allows remote attackers to delete arbitrary files on affected installations of Logsign Unified SecOps Platform. Authentication is required to exploit this vulnerability. The specific flaw...
CVE-2023-25025
creationtimestamp | type | source
---|---|---
2023-10-04 18:12:21+00:00 | seen | https://t.me/cibsecurity/71586
...
CVE-2023-25025
Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions...
CVE-2023-25025
Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions...
CVE-2023-25025
CVE-2023-25025 applies to the WordPress plugin WP-CopyProtect (Chetan Gole) and affects versions <= 3.1.0. The vulnerability is a Cross-Site Request Forgery (CSRF) in the plugin’s settings update flow, which could allow an authenticated attacker to trigger unintended admin actions. Public sour...
WordPress WP-CopyProtect [Protect your blog posts] Plugin <= 3.1.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software: WP-CopyProtect [Protect your blog posts]
Type: Plugin
Vulnerable versions: <= 3.1.0
Fixed in: N/A
OWASP Top 10: A5: Broken Access Control
Classification: Cross Site Request Forgery (CSRF)
CVE: CVE-2023-25025
Patch priority: Low
CVSS severity: Low (4.3)
PSID: 483e3127703e
Credit...
CVE-2021-25025
CVE-2021-25025 affects the WordPress EventCalendar plugin before 1.1.51. The root cause is insufficient authorization and CSRF checks in the add_calendar_event AJAX actions, enabling a user with a role as low as subscriber to create events. Impact is unauthorized event creation without proper pri...
CVE-2018-25025
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption...
CVE-2018-25025
CVE-2018-25025 affects the Rust actix-web crate before version 0.7.15, where it can unsoundly extend the lifetime of a string, leading to memory corruption. The issue is documented with high/critical impact (NVD: CVSS v2 7.5 HIGH; CVSS v3.1 9.8 CRITICAL) and is associated with a network attack su...