Detections
Analytics

Newest CVEs

IDDescriptionSeverity
CVE-2024-45571Memory corruption may occour occur when stopping the WLAN interface after processing a WMI command from the interface.
high
CVE-2024-45569Memory corruption while parsing the ML IE due to invalid frame content.
critical
CVE-2024-45561Memory corruption while handling IOCTL call from user-space to set latency level.
high
CVE-2024-45560Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer.
high
CVE-2024-38420Memory corruption while configuring a Hypervisor based input virtual device.
high
CVE-2024-38418Memory corruption while parsing the memory map info in IOCTL calls.
high
CVE-2024-38417Information disclosure while processing IO control commands.
medium
CVE-2024-38416Information disclosure during audio playback.
medium
CVE-2024-38414Information disclosure while processing information on firmware image during core initialization.
medium
CVE-2024-38413Memory corruption while processing frame packets.
high
CVE-2024-38412Memory corruption while invoking IOCTL calls from user-space to kernel-space to handle session errors.
high
CVE-2024-38411Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls.
high
CVE-2024-38404Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.
high
CVE-2025-24781Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WPJobBoard allows Reflected XSS. This issue affects WPJobBoard: from n/a through 5.10.1.
high
CVE-2025-24707Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GT3 Photo Gallery Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery allows Reflected XSS. This issue affects Photo Gallery - GT3 Image Gallery & Gutenberg Block Gallery: from n/a through 2.7.7.24.
high
CVE-2025-24697Missing Authorization vulnerability in Realwebcare Image Gallery – Responsive Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Image Gallery – Responsive Photo Gallery: from n/a through 1.0.5.
medium
CVE-2025-24684Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ederson Peka Media Downloader allows Reflected XSS. This issue affects Media Downloader: from n/a through 0.4.7.5.
high
CVE-2025-24676Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metatagg Inc Custom WP Store Locator allows Reflected XSS. This issue affects Custom WP Store Locator: from n/a through 1.4.7.
high
CVE-2025-24661Deserialization of Untrusted Data vulnerability in MagePeople Team Taxi Booking Manager for WooCommerce allows Object Injection. This issue affects Taxi Booking Manager for WooCommerce: from n/a through 1.1.8.
critical
CVE-2025-24660Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wp.insider Simple Membership Custom Messages allows Reflected XSS. This issue affects Simple Membership Custom Messages: from n/a through 2.4.
high
CVE-2025-24656Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Realtyna Realtyna Provisioning allows Reflected XSS. This issue affects Realtyna Provisioning: from n/a through 1.2.2.
high
CVE-2025-24646Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maxim Glazunov XML for Avito allows Reflected XSS. This issue affects XML for Avito: from n/a through 2.5.2.
high
CVE-2025-24643Missing Authorization vulnerability in Amento Tech Pvt ltd WPGuppy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPGuppy: from n/a through 1.1.0.
medium
CVE-2025-24642Missing Authorization vulnerability in theme funda Setup Default Featured Image allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Setup Default Featured Image: from n/a through 1.2.
medium
CVE-2025-24639Insertion of Sensitive Information Into Sent Data vulnerability in GREYS Korea for WooCommerce allows Retrieve Embedded Sensitive Data. This issue affects Korea for WooCommerce: from n/a through 1.1.11.
medium
CVE-2025-24631Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PhiloPress BP Email Assign Templates allows Reflected XSS. This issue affects BP Email Assign Templates: from n/a through 1.5.
high
CVE-2025-24630Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MantraBrain Sikshya LMS allows Reflected XSS. This issue affects Sikshya LMS: from n/a through 0.0.21.
high
CVE-2025-24629Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPGear Import Excel to Gravity Forms allows Reflected XSS. This issue affects Import Excel to Gravity Forms: from n/a through 1.18.
high
CVE-2025-24620Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound AIO Shortcodes allows Stored XSS. This issue affects AIO Shortcodes: from n/a through 1.3.
high
CVE-2025-24605Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in realmag777 WOLF allows Path Traversal. This issue affects WOLF: from n/a through 1.0.8.5.
medium
CVE-2025-24576Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fatcat Apps Landing Page Cat allows Reflected XSS. This issue affects Landing Page Cat: from n/a through 1.7.7.
high
CVE-2025-24574Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pepro Dev. Group PeproDev WooCommerce Receipt Uploader allows Reflected XSS. This issue affects PeproDev WooCommerce Receipt Uploader: from n/a through 2.6.9.
high
CVE-2025-24569Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RedefiningTheWeb PDF Generator Addon for Elementor Page Builder allows Path Traversal. This issue affects PDF Generator Addon for Elementor Page Builder: from n/a through 1.7.5.
high
CVE-2025-24559Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandtoss WP Mailster allows Reflected XSS. This issue affects WP Mailster: from n/a through 1.8.15.0.
high
CVE-2025-24557Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in plainware.com PlainInventory allows Reflected XSS. This issue affects PlainInventory: from n/a through 3.1.5.
high
CVE-2025-24556Insertion of Sensitive Information into Log File vulnerability in DualCube MooWoodle allows Retrieve Embedded Sensitive Data. This issue affects MooWoodle: from n/a through 3.2.4.
high
CVE-2025-24545Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BannerSky.com BSK Forms Validation allows Reflected XSS. This issue affects BSK Forms Validation: from n/a through 1.7.
high
CVE-2025-24544Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alexandros Georgiou Bitcoin and Altcoin Wallets allows Reflected XSS. This issue affects Bitcoin and Altcoin Wallets: from n/a through 6.3.1.
high
CVE-2025-24541Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Emili Castells DK White Label allows Reflected XSS. This issue affects DK White Label: from n/a through 1.0.
high
CVE-2025-24536Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThriveDesk ThriveDesk allows Reflected XSS. This issue affects ThriveDesk: from n/a through 2.0.6.
high
CVE-2025-23984Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainvireinfo Dynamic URL SEO allows Reflected XSS. This issue affects Dynamic URL SEO: from n/a through 1.0.
high
CVE-2025-23923Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Lockets allows Reflected XSS. This issue affects Lockets: from n/a through 0.999.
high
CVE-2025-23920Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ApplicantPro ApplicantPro allows Reflected XSS. This issue affects ApplicantPro: from n/a through 1.3.9.
high
CVE-2025-23819Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in NotFound WP Cloud allows Absolute Path Traversal. This issue affects WP Cloud: from n/a through 1.4.3.
high
CVE-2025-23799Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in .TUBE gTLD .TUBE Video Curator allows Reflected XSS. This issue affects .TUBE Video Curator: from n/a through 1.1.9.
high
CVE-2025-23755Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound PAFacile allows Reflected XSS. This issue affects PAFacile: from n/a through 2.6.1.
high
CVE-2025-23747Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nitesh Singh Awesome Timeline allows Stored XSS. This issue affects Awesome Timeline: from n/a through 1.0.1.
medium
CVE-2025-23685Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound RomanCart allows Reflected XSS. This issue affects RomanCart: from n/a through 0.0.2.
high
CVE-2025-23614Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nik Sudan WordPress Additional Logins allows Reflected XSS. This issue affects WordPress Additional Logins: from n/a through 1.0.0.
high
CVE-2025-23599Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound eMarksheet allows Reflected XSS. This issue affects eMarksheet: from n/a through 5.0.
high