CVE-2024-11357
The goodlayers-core WordPress plugin before 2.0.10 does not sanitise and escape some of its settings, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
CVE-2024-11184
The wp-enable-svg WordPress plugin through 0.7 does not sanitize SVG files when uploaded, allowing for authors and above to upload SVGs containing malicious scripts
CVE-2024-56830
The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand() if no strong randomization module is present.
CVE-2002-20002
The Net::EasyTCP package before 0.15 for Perl always uses Perl's builtin rand(), which is not a strong random number generator, for cryptographic keys.
CVE-2025-22214
Landray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection.
CVE-2024-56829
Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx.
CVE-2025-0168
A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. This affects an unknown part of the file /_parse/_feedback_system.php. The manipulation of the argument person leads to sql injection. It is possibl…
CVE-2024-11846
The does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
CVE-2024-56021
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ibnuyahya Category Post Shortcode category-post-shortcode allows Stored XSS.This issue affects Category Post Shortcode: from n/a through
CVE-2024-56020
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in svegliadesign SvegliaT Buttons svegliat-buttons allows Stored XSS.This issue affects SvegliaT Buttons: from n/a through
CVE-2024-23438
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
CVE-2024-23437
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
CVE-2024-23436
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
CVE-2024-23435
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
CVE-2024-23434
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
CVE-2024-23433
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
CVE-2024-23432
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
CVE-2024-23431
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
CVE-2024-23430
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.
CVE-2024-23429
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.