CVE-2025-31017

CVE-2025-31017: Nav Menu Manager suffers an authenticated Stored XSS (CWE) in versions up to 3.2.5. The vulnerability can be exploited by an attacker with at least Contributor privileges via stored input that is rendered on web pages, potentially impacting confidentiality, integrity, and availabi...

CVE-2025-31534 WordPress Shopper plugin <= 3.2.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in shopperdotcom Shopper shopper allows SQL Injection.This issue affects Shopper: from n/a through = 3.2.5...

Aim Excessive Data Query Operations in a Large Data Table vulnerability

In version 3.25.0 of aimhubio/aim, a denial of service vulnerability exists. By tracking a large number of Text objects and then querying them simultaneously through the web API, the Aim web server becomes unresponsive to other requests for an extended period while processing and returning these...

SUSE CVE-2024-23807

The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via...