Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

CVE güvenlik açıkları, KEV etiketleri, detay sayfaları ve kategori bazlı listeleme.
Toplam kayıt70,903
Sayfa3400 / 3546
FiltreYok
Medium CVSS: 6.5 Yayın: 2025-01-21 14:15:11

CVE-2025-22718

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in roninwp FAT Event Lite fat-event-lite allows Stored XSS.This issue affects FAT Event Lite: from n/a through
High CVSS: 7.5 Yayın: 2025-01-21 14:15:11

CVE-2025-22717

CWE-862
Missing Authorization vulnerability in Joe Dolson My Tickets my-tickets allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects My Tickets: from n/a through
High CVSS: 8.5 Yayın: 2025-01-21 14:15:11

CVE-2025-22716

Taskbuilder Taskbuilder CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in taskbuilder Taskbuilder taskbuilder allows SQL Injection.This issue affects Taskbuilder: from n/a through
Unknown CVSS: - Yayın: 2025-01-21 14:15:11

CVE-2025-22711

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thomas Maier Image Source Control image-source-control-isc allows Reflected XSS.This issue affects Image Source Control: from n/a through
High CVSS: 7.6 Yayın: 2025-01-21 14:15:11

CVE-2025-22710

CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in storeapps Smart Manager smart-manager-for-wp-e-commerce allows Blind SQL Injection.This issue affects Smart Manager: from n/a through
High CVSS: 7.1 Yayın: 2025-01-21 14:15:10

CVE-2025-22709

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Soft8Soft LLC Verge3D verge3d allows Reflected XSS.This issue affects Verge3D: from n/a through
High CVSS: 7.1 Yayın: 2025-01-21 14:15:10

CVE-2025-22706

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iova.mihai Social Pug: Author Box social-pug-author-box allows Reflected XSS.This issue affects Social Pug: Author Box: from n/a through
Critical CVSS: 9.3 Yayın: 2025-01-21 14:15:10

CVE-2025-22553

CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in dhananjaysingh Multiple Carousel multicarousel allows SQL Injection.This issue affects Multiple Carousel: from n/a through
High CVSS: 7.1 Yayın: 2025-01-21 14:15:10

CVE-2025-22322

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DeluxeThemes Private Messages for UserPro userpro-messaging allows Reflected XSS.This issue affects Private Messages for UserPro: from n/a through
High CVSS: 7.5 Yayın: 2025-01-21 14:15:10

CVE-2025-22318

CWE-862
Missing Authorization vulnerability in enituretechnology Standard Box Sizes – for WooCommerce standard-box-sizes.This issue affects Standard Box Sizes – for WooCommerce: from n/a through
High CVSS: 7.5 Yayın: 2025-01-21 14:15:09

CVE-2025-22311

CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in DeluxeThemes Private Messages for UserPro userpro-messaging.This issue affects Private Messages for UserPro: from n/a through
Medium CVSS: 5.9 Yayın: 2025-01-21 14:15:09

CVE-2025-22262

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WittyFolk Bonjour Bar bonjour-bar allows Stored XSS.This issue affects Bonjour Bar: from n/a through
Unknown CVSS: - Yayın: 2025-01-21 14:15:09

CVE-2024-56277

Ays-pro Poll Maker CWE-116
Improper Encoding or Escaping of Output vulnerability in Ays Pro Poll Maker poll-maker.This issue affects Poll Maker: from n/a through < 5.5.5.
Critical CVSS: 9.0 Yayın: 2025-01-21 14:15:09

CVE-2024-51919

CWE-434
Unrestricted Upload of File with Dangerous Type vulnerability in radykal Fancy Product Designer fancy-product-designer.This issue affects Fancy Product Designer: from n/a through
Critical CVSS: 9.8 Yayın: 2025-01-21 14:15:09

CVE-2024-51888

CWE-266
Incorrect Privilege Assignment vulnerability in favethemes Homey Login Register homey-login-register allows Privilege Escalation.This issue affects Homey Login Register: from n/a through
Critical CVSS: 9.3 Yayın: 2025-01-21 14:15:09

CVE-2024-51818

CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in radykal Fancy Product Designer fancy-product-designer.This issue affects Fancy Product Designer: from n/a through
High CVSS: 7.1 Yayın: 2025-01-21 14:15:08

CVE-2024-49700

CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reputeinfosystems ARPrice arprice allows Reflected XSS.This issue affects ARPrice: from n/a through
High CVSS: 8.8 Yayın: 2025-01-21 14:15:08

CVE-2024-49699

CWE-502
Deserialization of Untrusted Data vulnerability in reputeinfosystems ARPrice arprice allows Object Injection.This issue affects ARPrice: from n/a through
Critical CVSS: 9.8 Yayın: 2025-01-21 14:15:08

CVE-2024-49688

CWE-502
Deserialization of Untrusted Data vulnerability in reputeinfosystems ARPrice arprice allows Object Injection.This issue affects ARPrice: from n/a through
High CVSS: 8.5 Yayın: 2025-01-21 14:15:08

CVE-2024-49666

CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems ARPrice arprice allows SQL Injection.This issue affects ARPrice: from n/a through