Lucene search
K

2840 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:48 a.m.11 views

CVE-2025-23911

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in solidres Solidres – Hotel booking plugin solidres allows SQL Injection.This issue affects Solidres – Hotel booking plugin: from n/a through = 0.9.4...

8.5CVSS7.3AI score0.00491EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:48 a.m.4 views

CVE-2025-23920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sourcing Team ApplicantPro applicantpro allows Reflected XSS.This issue affects ApplicantPro: from n/a through = 1.3.9...

7.1CVSS7.2AI score0.00297EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:48 a.m.7 views

CVE-2025-23685

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebTechGlobal RomanCart romancart-on-wordpress allows Reflected XSS.This issue affects RomanCart: from n/a through = 0.0.2...

7.1CVSS7.2AI score0.003EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:48 a.m.5 views

CVE-2025-23784

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in David Jeffrey Contact Form 7 Round Robin Lead Distribution contact-form-7-round-robin-lead-distribution allows SQL Injection.This issue affects Contact Form 7 Round Robin Lead Distribution: from n/...

7.3AI score0.00437EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.5 views

CVE-2025-23664

Cross-Site Request Forgery CSRF vulnerability in Real Seguro Viagem Real Seguro Viagem seguro-viagem allows Stored XSS.This issue affects Real Seguro Viagem: from n/a through = 2.0.5...

7.1CVSS7.2AI score0.00184EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.5 views

CVE-2025-23673

Cross-Site Request Forgery CSRF vulnerability in dkukral Email on Publish email-on-publish allows Stored XSS.This issue affects Email on Publish: from n/a through = 1.5...

7.1CVSS7.2AI score0.0017EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.7 views

CVE-2025-23835

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jmraya Legal + legal-plus allows Reflected XSS.This issue affects Legal +: from n/a through = 1.0...

7.1CVSS7.2AI score0.00241EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.4 views

CVE-2025-23871

Cross-Site Request Forgery CSRF vulnerability in Bas Matthee LSD Google Maps Embedder lsd-google-maps-embedder allows Cross Site Request Forgery.This issue affects LSD Google Maps Embedder: from n/a through = 1.1...

7.1CVSS7.2AI score0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.8 views

CVE-2025-23736

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webgdawg Form To JSON form-to-json allows Reflected XSS.This issue affects Form To JSON: from n/a through = 1.0...

7.1CVSS5.9AI score0.00363EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.9 views

CVE-2025-23422

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in moaluko Store Locator store-locator allows PHP Local File Inclusion.This issue affects Store Locator: from n/a through = 3.98.10...

7.5CVSS7.2AI score0.00601EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.9 views

CVE-2025-23822

Cross-Site Request Forgery CSRF vulnerability in alicornea Category Custom Fields categorycustomfields allows Cross Site Request Forgery.This issue affects Category Custom Fields: from n/a through = 1.0...

7.1CVSS7.2AI score0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.8 views

CVE-2025-23714

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in podspod AppReview appreview allows Reflected XSS.This issue affects AppReview: from n/a through = 0.2.9...

7.1CVSS7.2AI score0.00366EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:47 a.m.9 views

CVE-2025-23839

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Asif Shakeel Sticky Button sticky-chat-button allows Stored XSS.This issue affects Sticky Button: from n/a through = 1.0...

7.1CVSS7.2AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:46 a.m.6 views

CVE-2025-23509

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in siteheart HyperComments comments-with-hypercommentscom allows Reflected XSS.This issue affects HyperComments: from n/a through = 0.9.6...

7.1CVSS7.2AI score0.00378EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:46 a.m.12 views

CVE-2025-23932

Deserialization of Untrusted Data vulnerability in Marko-M Quick Count quick-count allows Object Injection.This issue affects Quick Count: from n/a through = 3.00...

9.8CVSS7.2AI score0.00704EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:46 a.m.8 views

CVE-2025-23976

Cross-Site Request Forgery CSRF vulnerability in operationsissuu Issuu Panel issuu-panel allows Stored XSS.This issue affects Issuu Panel: from n/a through = 2.1.1...

7.1CVSS7.2AI score0.00129EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:45 a.m.9 views

CVE-2022-38758

Cross-site Scripting XSS vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL...

7.2CVSS6AI score0.00448EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:45 a.m.11 views

CVE-2022-38355

Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to attackers with access to the local area network LAN to disclose sensitive information stored by the affected product without requiring authentication...

7.5CVSS6AI score0.00406EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:41 a.m.15 views

CVE-2022-0526

Cross-site Scripting XSS - Stored in GitHub repository chatwoot/chatwoot prior to 2.2.0...

7.3CVSS5.9AI score0.00856EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:41 a.m.10 views

CVE-2022-0964

Stored XSS viva .webmv file upload in GitHub repository star7th/showdoc prior to 2.10.4...

8CVSS5.8AI score0.00825EPSS
Exploits1References1
Rows per page
Query Builder