Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

CVE güvenlik açıkları, KEV etiketleri, detay sayfaları ve kategori bazlı listeleme.
Toplam kayıt70,916
Sayfa3371 / 3546
FiltreYok
Medium CVSS: 6.5 Yayın: 2025-01-24 18:15:35

CVE-2025-24580

CWE-862
Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 12 Step Meeting List: from n/a through
Medium CVSS: 5.9 Yayın: 2025-01-24 18:15:35

CVE-2025-24579

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle Phillips Nested Pages wp-nested-pages allows Stored XSS.This issue affects Nested Pages: from n/a through
Medium CVSS: 6.5 Yayın: 2025-01-24 18:15:34

CVE-2025-24578

Elementinvader Elementinvader Addons For Elementor CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows DOM-Based XSS.This issue affects ElementInvader Addon…
Medium CVSS: 6.5 Yayın: 2025-01-24 18:15:34

CVE-2025-24575

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HelloAsso HelloAsso helloasso allows Stored XSS.This issue affects HelloAsso: from n/a through
Medium CVSS: 6.5 Yayın: 2025-01-24 18:15:34

CVE-2025-24573

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Softaculous PageLayer pagelayer allows DOM-Based XSS.This issue affects PageLayer: from n/a through
Medium CVSS: 6.5 Yayın: 2025-01-24 18:15:34

CVE-2025-24572

CWE-352
Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search fulltext-search allows Cross Site Request Forgery.This issue affects WP Fast Total Search: from n/a through
Medium CVSS: 5.4 Yayın: 2025-01-24 18:15:34

CVE-2025-24571

CWE-862
Missing Authorization vulnerability in Epsiloncool WP Fast Total Search fulltext-search allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Fast Total Search: from n/a through
High CVSS: 7.1 Yayın: 2025-01-24 18:15:34

CVE-2025-24570

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Stored XSS.This issue affects Atarim: from n/a through
Medium CVSS: 4.3 Yayın: 2025-01-24 18:15:33

CVE-2025-24568

CWE-352
Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates astra-sites allows Cross Site Request Forgery.This issue affects Starter Templates: from n/a through
High CVSS: 7.1 Yayın: 2025-01-24 18:15:33

CVE-2025-24562

CWE-352
Cross-Site Request Forgery (CSRF) vulnerability in Optimal Access KBucket kbucket allows Stored XSS.This issue affects KBucket: from n/a through
High CVSS: 7.1 Yayın: 2025-01-24 18:15:33

CVE-2025-24561

CWE-352
Cross-Site Request Forgery (CSRF) vulnerability in awcode ReviewsTap reviewstap allows Stored XSS.This issue affects ReviewsTap: from n/a through
High CVSS: 7.1 Yayın: 2025-01-24 18:15:33

CVE-2025-24555

CWE-352
Cross-Site Request Forgery (CSRF) vulnerability in subscriptiondna Subscription DNA subscriptiondna allows Stored XSS.This issue affects Subscription DNA: from n/a through
Medium CVSS: 5.3 Yayın: 2025-01-24 18:15:33

CVE-2025-24552

CWE-209
Generation of Error Message Containing Sensitive Information vulnerability in paytiumsupport Paytium paytium allows Retrieve Embedded Sensitive Data.This issue affects Paytium: from n/a through
Medium CVSS: 6.5 Yayın: 2025-01-24 18:15:33

CVE-2025-24547

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matthias.wagner Caching Compatible Cookie Opt-In and JavaScript caching-compatible-cookie-optin-and-javascript allows Stored XSS.This issue affects…
Medium CVSS: 5.4 Yayın: 2025-01-24 18:15:32

CVE-2025-24546

Rstheme Ultimate Coming Soon \& Maintenance CWE-352
Cross-Site Request Forgery (CSRF) vulnerability in RSTheme Ultimate Coming Soon & Maintenance ultimate-coming-soon allows Cross Site Request Forgery.This issue affects Ultimate Coming Soon & Maintenance: from n/a through
Medium CVSS: 4.3 Yayın: 2025-01-24 18:15:32

CVE-2025-24543

Rstheme Ultimate Coming Soon \& Maintenance CWE-352
Cross-Site Request Forgery (CSRF) vulnerability in RSTheme Ultimate Coming Soon & Maintenance ultimate-coming-soon allows Cross Site Request Forgery.This issue affects Ultimate Coming Soon & Maintenance: from n/a through
Medium CVSS: 6.5 Yayın: 2025-01-24 18:15:32

CVE-2025-24542

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Icegram Icegram icegram allows Stored XSS.This issue affects Icegram: from n/a through
High CVSS: 7.1 Yayın: 2025-01-24 18:15:32

CVE-2025-24362

CWE-532
In some circumstances, debug artifacts uploaded by the CodeQL Action after a failed code scanning workflow run may contain the environment variables from the workflow run, including any secrets that were exposed as environment variables to the workfl…
Medium CVSS: 5.3 Yayın: 2025-01-24 18:15:32

CVE-2025-0702

Joeybling Bootplus CWE-284
A vulnerability classified as critical was found in JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d. This vulnerability affects unknown code of the file src/main/java/io/github/controller/SysFileController.java. The manipulation of…
Critical CVSS: 9.9 Yayın: 2025-01-24 18:15:31

CVE-2024-56404

CWE-302
In One Identity Identity Manager 9.x before 9.3, an insecure direct object reference (IDOR) vulnerability allows privilege escalation. Only On-Premise installations are affected.