cve.248.no

Recent

CVE-2025-36367CWE-862

IBM i is affected by a privilege escalation in IBM i SQL services

Published 2025-11-01 by ibm

CVE-2025-6988CWE-79

Kallyas <= 4.23.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published 2025-11-01 by Wordfence

CVE-2025-6990CWE-94

Kallyas <= 4.24.0 - Authenticated (Contributor+) Remote Code Execution

Published 2025-11-01 by Wordfence

CVE-2025-12137CWE-73

Import WP – Export and Import CSV and XML files to WordPress <= 2.14.16 - Authenticated (Admin+) Arbitrary File Read

Published 2025-11-01 by Wordfence

CVE-2025-12171CWE-434

RESTful Content Syndication 1.1.0 - 1.5.0 - Authenticated (Contributor+) Arbitrary File Upload

Published 2025-11-01 by Wordfence

CVE-2025-11755CWE-434

Delicious Recipes <= 1.9.0 - Authenticated (Contributor+) Arbitrary File Upload

Published 2025-11-01 by Wordfence

CVE-2025-10487CWE-94

Advanced Ads <= 2.0.12 - Unauthenticated Limited Code Execution

Published 2025-11-01 by Wordfence

CVE-2025-11499CWE-434

Tablesome Table – Contact Form DB – WPForms, CF7, Gravity, Forminator, Fluent <= 1.1.32 - Unauthenticated Arbitrary File Upload

Published 2025-11-01 by Wordfence

CVE-2025-6574CWE-639

Service Finder Bookings < 6.1 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover

Published 2025-11-01 by Wordfence

CVE-2025-11502CWE-79

Schema & Structured Data for WP & AMP <= 1.51 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published 2025-11-01 by Wordfence

CVE-2025-11740CWE-89

wpForo Forum <= 2.4.9 - Authenticated (Susbscriber+) SQL Injection

Published 2025-11-01 by Wordfence

CVE-2025-12038CWE-863

Folderly <= 0.3 - Incorrect Authorization to Authenticated (Author+) Term Deletion

Published 2025-11-01 by Wordfence

CVE-2025-11983CWE-200

WP Discourse <= 2.5.9 - Authenticated (Author+) Information Exposure

Published 2025-11-01 by Wordfence

CVE-2025-12090CWE-79

Employee Spotlight – Team Member Showcase & Meet the Team Plugin <= 5.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published 2025-11-01 by Wordfence

CVE-2025-12180CWE-862

Qi Blocks <= 1.4.3 - Missing Authorization to Authenticated (Contributor+) Plugin Settings Update

Published 2025-11-01 by Wordfence

CVE-2025-11927CWE-79

Flying Images: Optimize and Lazy Load Images for Faster Page Speed <= 2.4.14 - Authenticated (Admin+) Stored Cross-Site Scripting

Published 2025-11-01 by Wordfence

CVE-2025-5949CWE-639

Service Finder Bookings <= 6.0 - Authenticated (Subscriber+) Privilege Escalation via change_candidate_password

Published 2025-11-01 by Wordfence

CVE-2025-12118CWE-79

Schema Scalpel <= 1.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title in JSON-LD Schema

Published 2025-11-01 by Wordfence

CVE-2025-11995CWE-79

Community Events <= 1.5.2 - Unauthenticated Stored Cross-Site Scripting

Published 2025-11-01 by Wordfence

CVE-2025-11377CWE-200

List category posts <= 0.92.0 - Authenticated (Contributor+) Information Exposure

Published 2025-11-01 by Wordfence

Load more ↓

Search

Recent