920 matches found
CVE-2025-27269
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anton Aleksandrov .htaccess Login block htaccess-login-block allows Reflected XSS.This issue affects .htaccess Login block: from n/a through = 0.9a...
CVE-2025-27263
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Creativeitem Doctor Appointment Booking doctor-appointment-booking allows SQL Injection.This issue affects Doctor Appointment Booking: from n/a through = 1.0.0...
CVE-2025-27271
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alberto Cocchiara DB Tables Import/Export db-tables-importexport allows Reflected XSS.This issue affects DB Tables Import/Export: from n/a through = 1.0.1...
CVE-2025-27279
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lynk Flashfader flashfader allows Reflected XSS.This issue affects Flashfader: from n/a through = 1.1.1...
CVE-2025-26563
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Muneeb Mobile rocket-wp-mobile allows Reflected XSS.This issue affects Mobile: from n/a through = 1.3.3...
CVE-2025-26589
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cristopher Dino IE CSS3 Support ie-css3-support allows Reflected XSS.This issue affects IE CSS3 Support: from n/a through = 2.0.1...
CVE-2025-26585
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DyadyaLesha DL Leadback dl-leadback allows Reflected XSS.This issue affects DL Leadback: from n/a through = 1.2.1...
CVE-2025-26534
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in helloprint Helloprint helloprint allows Path Traversal.This issue affects Helloprint: from n/a through = 2.0.7...
CVE-2025-26970
Improper Control of Generation of Code 'Code Injection' vulnerability in FRESHFACE Ark Theme Core ark-core allows Code Injection.This issue affects Ark Theme Core: from n/a through 1.71.0...
CVE-2025-26535
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CodeSolz Bitcoin / AltCoin Payment Gateway for WooCommerce woo-altcoin-payment-gateway allows Blind SQL Injection.This issue affects Bitcoin / AltCoin Payment Gateway for WooCommerce: from n/a...
CVE-2025-26588
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gabrielperezs TTT Crop ttt-crop allows Reflected XSS.This issue affects TTT Crop: from n/a through = 1.0...
CVE-2025-26540
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in helloprint Helloprint helloprint allows Path Traversal.This issue affects Helloprint: from n/a through = 2.0.7...
CVE-2025-26586
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in abelony Events Planner events-planner allows Reflected XSS.This issue affects Events Planner: from n/a through = 1.3.10...
CVE-2025-27279
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lynk Flashfader flashfader allows Reflected XSS.This issue affects Flashfader: from n/a through = 1.1.1...
CVE-2025-27274
Path Traversal vulnerability in NotFound GPX Viewer allows Path Traversal. This issue affects GPX Viewer: from n/a through 2.2.11...
CVE-2025-27264
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Creativeitem Doctor Appointment Booking doctor-appointment-booking allows PHP Local File Inclusion.This issue affects Doctor Appointment Booking: from n/a through = 1.0.0...
CVE-2025-27269
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anton Aleksandrov .htaccess Login block htaccess-login-block allows Reflected XSS.This issue affects .htaccess Login block: from n/a through = 0.9a...
CVE-2025-27271
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alberto Cocchiara DB Tables Import/Export db-tables-importexport allows Reflected XSS.This issue affects DB Tables Import/Export: from n/a through = 1.0.1...
CVE-2025-27274
Path Traversal: '.../...//' vulnerability in axelkeller GPX Viewer gpx-viewer allows Path Traversal.This issue affects GPX Viewer: from n/a through = 2.2.11...
CVE-2025-26970
Improper Control of Generation of Code 'Code Injection' vulnerability in NotFound Ark Theme Core ark-core allows Code Injection.This issue affects Ark Theme Core: from n/a before 1.71.0...