Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-9229 | 2025-08-20 | N/A | N/A | ||
| Information disclosure vulnerability in error handling in MiR software prior to version 3.0.0 allows unauthenticated attackers to view detailed error information, such as file paths and other data, via access to verbose error pages. | |||||
| CVE-2025-32947 | 2025-08-20 | N/A | N/A | ||
| This vulnerability allows any attacker to cause the PeerTube server to stop responding to requests due to an infinite loop in the "inbox" endpoint when receiving crafted ActivityPub activities. | |||||
| CVE-2025-5260 | 2025-08-20 | N/A | 8.6 HIGH | ||
| Server-Side Request Forgery (SSRF) vulnerability in Pik Online Yazilim Çözümleri A.S. Pik Online allows Server Side Request Forgery.This issue affects Pik Online: before 3.1.5. | |||||
| CVE-2025-5261 | 2025-08-20 | N/A | 7.5 HIGH | ||
| Authorization Bypass Through User-Controlled Key vulnerability in Pik Online Yazilim Çözümleri A.S. Pik Online allows Exploitation of Trusted Identifiers.This issue affects Pik Online: before 3.1.5. | |||||
| CVE-2025-9228 | 2025-08-20 | N/A | N/A | ||
| MiR software versions prior to version 3.0.0 have insufficient authorization controls when creating text notes, allowing low-privilege users to create notes which are intended only for administrative users. | |||||
| CVE-2025-53208 | 2025-08-20 | N/A | N/A | ||
| Authorization Bypass Through User-Controlled Key vulnerability in paymayapg Maya Business allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Maya Business: from n/a through 1.2.0. | |||||
| CVE-2025-49395 | 2025-08-20 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Icons allows Stored XSS. This issue affects Themify Icons: from n/a through 2.0.3. | |||||
| CVE-2025-54007 | 2025-08-20 | N/A | N/A | ||
| Deserialization of Untrusted Data vulnerability in PickPlugins Post Grid and Gutenberg Blocks allows Object Injection. This issue affects Post Grid and Gutenberg Blocks: from n/a through 2.3.11. | |||||
| CVE-2025-48298 | 2025-08-20 | N/A | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Benjamin Denis SEOPress for MainWP allows PHP Local File Inclusion. This issue affects SEOPress for MainWP: from n/a through 1.4. | |||||
| CVE-2025-53565 | 2025-08-20 | N/A | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Widget for Google Reviews allows PHP Local File Inclusion. This issue affects Widget for Google Reviews: from n/a through 1.0.15. | |||||
| CVE-2025-54750 | 2025-08-20 | N/A | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FunnelKit Funnel Builder by FunnelKit allows PHP Local File Inclusion. This issue affects Funnel Builder by FunnelKit: from n/a through 3.11.1. | |||||
| CVE-2025-54028 | 2025-08-20 | N/A | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Saleswonder Team Tobias CF7 WOW Styler allows PHP Local File Inclusion. This issue affects CF7 WOW Styler: from n/a through 1.7.2. | |||||
| CVE-2025-30975 | 2025-08-20 | N/A | N/A | ||
| Improper Control of Generation of Code ('Code Injection') vulnerability in SaifuMak Add Custom Codes allows Code Injection. This issue affects Add Custom Codes: from n/a through 4.80. | |||||
| CVE-2025-48151 | 2025-08-20 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CreativeMindsSolutions CM Map Locations allows Reflected XSS. This issue affects CM Map Locations: from n/a through 2.1.6. | |||||
| CVE-2025-54031 | 2025-08-20 | N/A | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Schiocco Support Board allows PHP Local File Inclusion. This issue affects Support Board: from n/a through 3.8.0. | |||||
| CVE-2025-53226 | 2025-08-20 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in digitalzoomstudio Comments Capcha Box allows Reflected XSS. This issue affects Comments Capcha Box: from n/a through 1.1. | |||||
| CVE-2025-9225 | 2025-08-20 | N/A | N/A | ||
| Stored cross-site scripting (XSS) in the web interface of MiR software versions prior to 3.0.0 on MiR Robots and MiR Fleet allows execution of arbitrary JavaScript code in a victim’s browser | |||||
| CVE-2025-48159 | 2025-08-20 | N/A | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Youtube Vimeo Video Player and Slider WP Plugin allows Reflected XSS. This issue affects Youtube Vimeo Video Player and Slider WP Plugin: from n/a through 3.8. | |||||
| CVE-2025-48165 | 2025-08-20 | N/A | N/A | ||
| Incorrect Privilege Assignment vulnerability in DELUCKS DELUCKS SEO allows Privilege Escalation. This issue affects DELUCKS SEO: from n/a through 2.6.0. | |||||
| CVE-2025-54017 | 2025-08-20 | N/A | N/A | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cozmoslabs Paid Member Subscriptions allows PHP Local File Inclusion. This issue affects Paid Member Subscriptions: from n/a through 2.15.4. | |||||