8 matches found
CVE-2025-15475 PayHere Payment Gateway Plugin for WooCommerce <= 2.3.9 - Missing Authorization to Unauthenticated Order Status Modification
The PayHere Payment Gateway Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to an improper validation logic in the checkpayhereresponse function in all versions up to, and including, 2.3.9. This makes it possible for unauthenticated attackers to...
CVE-2025-64119
A vulnerability in Nuvation Battery Management System allows Authentication Bypass.This issue affects Battery Management System: through 2.3.9...
EUVD-2025-204069
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in wpweb Follow My Blog Post follow-my-blog-post allows Retrieve Embedded Sensitive Data.This issue affects Follow My Blog Post: from n/a through = 2.3.9...
CVE-2025-64258
CVE-2025-64258 concerns the WordPress plugin Follow My Blog Post (versions
EUVD-2025-30558
Malicious code in bioql PyPI...
CVE-2025-60161
CVE-2025-60161: ZoloBlocks (ZoloBlocks plugin)
CVE-2025-58230 WordPress ZoloBlocks plugin <= 2.3.12 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bdthemes ZoloBlocks zoloblocks allows DOM-Based XSS.This issue affects ZoloBlocks: from n/a through = 2.3.12...
Cisco Meeting Server Denial of Service Vulnerability (CNVD-2019-16513)
Cisco Meeting Server formerly known as Acano Conferencing Server, CMS is the United States Cisco Cisco company's set of audio and video conferencing server software. A denial of service vulnerability exists in Session Initiation Protocol SIP call processing in Cisco Meeting Server CMS versions...