CVE-2025-26957 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Deetronix Affiliate Coupons allows PHP Local File Inclusion. This issue affects Affiliate Coupons: from n/a through 1.7.3.
CVSS: HIGH (7.5) EPSS Score: 0.12%
February 25th, 2025 (4 months ago)
|
CVE-2025-26946 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in jgwhite33 WP Yelp Review Slider allows Blind SQL Injection. This issue affects WP Yelp Review Slider: from n/a through 8.1.
CVSS: HIGH (7.6) EPSS Score: 0.04%
February 25th, 2025 (4 months ago)
|
CVE-2025-26935 |
Description: Path Traversal vulnerability in wpjobportal WP Job Portal allows PHP Local File Inclusion. This issue affects WP Job Portal: from n/a through 2.2.8.
CVSS: HIGH (7.5) EPSS Score: 0.06%
February 25th, 2025 (4 months ago)
|
CVE-2025-26932 |
Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in QuantumCloud ChatBot allows PHP Local File Inclusion. This issue affects ChatBot: from n/a through 6.3.5.
CVSS: HIGH (7.5) EPSS Score: 0.12%
February 25th, 2025 (4 months ago)
|
CVE-2025-26931 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Software Tribulant Gallery Voting allows Stored XSS. This issue affects Tribulant Gallery Voting: from n/a through 1.2.1.
CVSS: HIGH (7.1) EPSS Score: 0.02%
February 25th, 2025 (4 months ago)
|
CVE-2025-26915 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PickPlugins Wishlist allows SQL Injection. This issue affects Wishlist: from n/a through 1.0.41.
CVSS: HIGH (8.5) EPSS Score: 0.04%
February 25th, 2025 (4 months ago)
|
CVE-2025-26907 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Estatik Mortgage Calculator Estatik allows Stored XSS. This issue affects Mortgage Calculator Estatik: from n/a through 2.0.12.
CVSS: HIGH (7.5) EPSS Score: 0.06%
February 25th, 2025 (4 months ago)
|
CVE-2025-26905 |
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Estatik Estatik allows PHP Local File Inclusion. This issue affects Estatik: from n/a through 4.1.9.
CVSS: HIGH (7.5) EPSS Score: 0.04%
February 25th, 2025 (4 months ago)
|
CVE-2025-26868 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fastflow Fast Flow allows Reflected XSS. This issue affects Fast Flow: from n/a through 1.2.16.
CVSS: HIGH (7.1) EPSS Score: 0.04%
February 25th, 2025 (4 months ago)
|
CVE-2025-26753 |
Description: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in videowhisper VideoWhisper Live Streaming Integration allows Path Traversal. This issue affects VideoWhisper Live Streaming Integration: from n/a through 6.2.
CVSS: HIGH (7.5) EPSS Score: 0.06%
February 25th, 2025 (4 months ago)
|