17 matches found
WordPress Golo Theme <= 1.7.1 is vulnerable to Cross Site Scripting (XSS)
Software Golo Type Theme Vulnerable versions = 1.7.1 Fixed in 1.7.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-54724 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9a5f34e954ab Credits Bonds Required privilege Unauthenticated...
WordPress Mesa Mesa Reservation Widget plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Vinit Lakra Patchstack Alliance in WordPress Plugin Mesa Mesa Reservation Widget versions = 1.0.0...
PT-2025-34588 · Undefined · Undefined
CVE-2025-8193 - "Apache HTTP Server Information Disclosure Vulnerability" CVE ID : CVE-2025-8193 Published : Aug. 22, 2025, 11:15 p.m. | 1 hour, 3 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the lin...
WordPress tli.tl auto Twitter poster plugin <= 3.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Jieun Kim Patchstack Alliance in WordPress Plugin tli.tl auto Twitter poster versions = 3.4...
WordPress Templately Plugin <= 3.2.7 - Sensitive Data Exposure Vulnerability
Sensitive Data Exposure Vulnerability discovered by ch4r0n Patchstack Alliance in WordPress Plugin Templately versions = 3.2.7...
PT-2025-34335 · Undefined · Undefined
CVE-2025-57744 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-57744 Published : Aug. 20, 2025, 4:16 a.m. | 3 hours, 59 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2025-33836 · Undefined · Undefined
CVE-2025-57724 - Apache HTTP Server Denial of Service CVE ID : CVE-2025-57724 Published : Aug. 19, 2025, 3:15 a.m. | 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2025-33831 · Undefined · Undefined
CVE-2025-57719 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2025-57719 Published : Aug. 19, 2025, 3:15 a.m. | 57 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2025-33615 · Undefined · Undefined
CVE-2025-55725 - Apache HTTP Server Command Injection CVE ID : CVE-2025-55725 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 46 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2025-33617 · Undefined · Undefined
CVE-2024-12573 - Apache Web Server Authentication Bypass CVE ID : CVE-2024-12573 Published : Aug. 15, 2025, 3:15 p.m. | 2 hours, 49 minutes ago Description : Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-24752 Reason: This candidate is a reservation duplicate of...
PT-2025-33611 · Undefined · Undefined
CVE-2025-55721 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2025-55721 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 46 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...
PT-2025-33612 · Undefined · Undefined
CVE-2025-55722 - Apache Struts Cross-Site Scripting XSS CVE ID : CVE-2025-55722 Published : Aug. 15, 2025, 3:15 a.m. | 2 hours, 46 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
WordPress EventON Lite plugin <= 2.4.6 - Authenticated (Contributor+) Information Disclosure vulnerability
Authenticated Contributor+ Information Disclosure vulnerability discovered by Takihana Shota in WordPress Plugin EventON versions = 2.4.6...
WordPress Graphina plugin <= 3.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin Graphina versions = 3.1.3...
WordPress RSS Feed Pro Plugin <= 1.1.8 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin RSS Feed Pro versions = 1.1.8...
WordPress Forms <= 2.9.0 - Arbitrary File Upload Vulnerability
Arbitrary File Upload Vulnerability discovered by astra.r3verii in WordPress Plugin Forms versions = 2.9.0...
WordPress GMap - Venturit plugin <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'h' Parameter vulnerability
WordPress GMap - Venturit plugin = 1.1 - Authenticated Contributor+ Stored Cross-Site Scripting via 'h' Parameter vulnerability discovered by muhammad yudha in WordPress Plugin GMap Generator versions = 1.1...