CVE-2025-14792

The Key Figures plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the kffieldfiguredefaultcolorrender function in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2020-6298

SAP Banking Services Generic Market Data, versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data GMD and change related GMD key figure values, due to Missing Authorization Check...