Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

CVE güvenlik açıkları, KEV etiketleri, detay sayfaları ve kategori bazlı listeleme.
Toplam kayıt70,916
Sayfa3369 / 3546
FiltreYok
Medium CVSS: 4.3 Yayın: 2025-01-24 18:15:41

CVE-2025-24679

CWE-862
Missing Authorization vulnerability in webraketen Internal Links Manager seo-automated-link-building allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Internal Links Manager: from n/a through
Medium CVSS: 6.5 Yayın: 2025-01-24 18:15:41

CVE-2025-24678

CWE-80
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in listamester Listamester listamester allows Stored XSS.This issue affects Listamester: from n/a through
Medium CVSS: 6.5 Yayın: 2025-01-24 18:15:41

CVE-2025-24675

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) wp-stats-manager allows Stored XSS.This issue affects WP Visitor Statistics (Real Time Traffic):…
Medium CVSS: 5.9 Yayın: 2025-01-24 18:15:41

CVE-2025-24674

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Denis Cherniatev ShMapper by Teplitsa shmapper-by-teplitsa allows Stored XSS.This issue affects ShMapper by Teplitsa: from n/a through
Medium CVSS: 6.5 Yayın: 2025-01-24 18:15:41

CVE-2025-24673

CWE-80
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in AyeCode Ketchup Shortcodes ketchup-shortcodes-pack allows Stored XSS.This issue affects Ketchup Shortcodes: from n/a through
High CVSS: 8.5 Yayın: 2025-01-24 18:15:40

CVE-2025-24672

CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in codepeople Form Builder CP cp-easy-form-builder allows SQL Injection.This issue affects Form Builder CP: from n/a through
High CVSS: 8.5 Yayın: 2025-01-24 18:15:40

CVE-2025-24669

CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in serpednet SERPed.net serped-net allows SQL Injection.This issue affects SERPed.net: from n/a through
Medium CVSS: 5.9 Yayın: 2025-01-24 18:15:40

CVE-2025-24668

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle PPOM for WooCommerce woocommerce-product-addon allows Stored XSS.This issue affects PPOM for WooCommerce: from n/a through
Medium CVSS: 5.9 Yayın: 2025-01-24 18:15:40

CVE-2025-24666

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle AI Chatbot for WordPress – Hyve Lite hyve-lite allows Stored XSS.This issue affects AI Chatbot for WordPress – Hyve Lite: from n/a through
High CVSS: 7.6 Yayın: 2025-01-24 18:15:40

CVE-2025-24663

CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mra13 Simple Download Monitor simple-download-monitor allows Blind SQL Injection.This issue affects Simple Download Monitor: from n/a through
High CVSS: 7.6 Yayın: 2025-01-24 18:15:40

CVE-2025-24659

CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjada WPDM – Premium Packages wpdm-premium-packages allows Blind SQL Injection.This issue affects WPDM – Premium Packages: from n/a through
Medium CVSS: 5.9 Yayın: 2025-01-24 18:15:39

CVE-2025-24658

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joe Auction Nudge – Your eBay on Your Site auction-nudge allows Stored XSS.This issue affects Auction Nudge – Your eBay on Your Site: from n/a throu…
Medium CVSS: 5.9 Yayın: 2025-01-24 18:15:39

CVE-2025-24657

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee Wishlist for WooCommerce wt-woocommerce-wishlist allows Stored XSS.This issue affects Wishlist for WooCommerce: from n/a through
Medium CVSS: 5.4 Yayın: 2025-01-24 18:15:39

CVE-2025-24652

CWE-862
Missing Authorization vulnerability in revmakx WP Duplicate local-sync allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Duplicate: from n/a through
Critical CVSS: 9.1 Yayın: 2025-01-24 18:15:39

CVE-2025-24650

Themefic Tourfic CWE-434
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic allows Upload a Web Shell to a Web Server.This issue affects Tourfic: from n/a through
Medium CVSS: 4.3 Yayın: 2025-01-24 18:15:39

CVE-2025-24649

CWE-862
Missing Authorization vulnerability in Bowo Admin and Site Enhancements (ASE) admin-site-enhancements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Admin and Site Enhancements (ASE): from n/a through
Medium CVSS: 5.4 Yayın: 2025-01-24 18:15:39

CVE-2025-24647

CWE-352
Cross-Site Request Forgery (CSRF) vulnerability in datafeedr WooCommerce Cloak Affiliate Links woocommerce-cloak-affiliate-links allows Cross Site Request Forgery.This issue affects WooCommerce Cloak Affiliate Links: from n/a through
Medium CVSS: 6.5 Yayın: 2025-01-24 18:15:38

CVE-2025-24638

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pddring Create with Code create-with-code allows DOM-Based XSS.This issue affects Create with Code: from n/a through
High CVSS: 7.1 Yayın: 2025-01-24 18:15:38

CVE-2025-24636

CWE-352
Cross-Site Request Forgery (CSRF) vulnerability in Rick Laymance MachForm Shortcode machform-shortcode allows Stored XSS.This issue affects MachForm Shortcode: from n/a through