CVE-2025-5053

creationtimestamp| type| source ---|---|--- 2025-05-22 01:50:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lppyun3r2m2q...

WordPress Forms Plugin <= 2.8.0 is vulnerable to Arbitrary File Upload

Software Forms Type Plugin Vulnerable versions = 2.8.0 Fixed in 2.8.1 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-51791 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 0594a374dbac Credits stealthcopter Required privilege Unauthenticated...

WordPress LH Add Media From Url Plugin <= 1.23 is vulnerable to Cross Site Scripting (XSS)

Software LH Add Media From Url Type Plugin Vulnerable versions = 1.23 Fixed in 1.30 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7090 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b062d0fb1671 Credits Piotr Kuśpit...

WordPress CBX Bookmark & Favorite Plugin <= 1.7.20 is vulnerable to SQL Injection

Software CBX Bookmark & Favorite Type Plugin Vulnerable versions = 1.7.20 Fixed in 1.7.21 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-32132 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 07995252cb06 Credits Muhammad Daffa Required privilege...

WordPress Citadela Listing Plugin < 5.20.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Citadela Listing Type Plugin Vulnerable versions 5.20.0 Fixed in 5.20.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32085 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID f26a9b49d873 Credits Dave Jong Patchsta...

Dir2web3 3.0 SQL Injection / Information Disclosure

Title: ====== Dir2web3 Multiple Vulnerabilities Date: ===== 05/08/2012 Author: ======= Daniel Correa http://www.sinfocol.org/ Vulnerable software: ==================== Dir2web v3.0 http://www.dir2web.it/ CVE: ==== CVE-2012-4069 CVE-2012-4070 Details: ======== There are two vulnerabilities...

Unfixed XSS vulnerability at secure.news-service.com

Security researcher watt, has submitted on 18/10/2010 a cross-site-scripting XSS vulnerability affecting secure.news-service.com, which at the time of submission ranked 457603 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 18/12/2011. It is...

Unfixed XSS vulnerability at sans-sucre.tapz.be

Security researcher xylitol, has submitted on 12/10/2008 a cross-site-scripting XSS vulnerability affecting sans-sucre.tapz.be, which at the time of submission ranked 28220638 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/11/2008. It is...

Unfixed XSS vulnerability at static-206.196.111.182.primary.net

Security researcher Uber0n, has submitted on 28/04/2008 a cross-site-scripting XSS vulnerability affecting static-206.196.111.182.primary.net, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 29/04/2008. ...