3 matches found
CVE-2025-9488
CVE-2025-9488 affects the Redux Framework WordPress plugin (≤4.5.8). It enables Stored Cross‑Site Scripting via the data parameter by authenticated users with Contributor+; scripts execute on the affected pages when loaded. Wordfence reports this CVE as patched (patch status: Patched); no exploit...
CVE-2025-29153
SQL Injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the Data export, filters functions...
CVE-2025-29154
HTML injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to execute arbitrary code via the .galera.app/ted/solicitacaotreinamento/, .galera.app/rh/metas/perspectivaestrategica/edicao/, .galera.app/rh/cadastros/perspectivas/listagem/adc/,...