Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-05-01 | CVE-2025-1529 | The AM LottiePlayer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via uploaded lottie files in all versions up to, and including, 3.5.3 due to insufficient input sanitization and output escaping. | 6.4 |
| 2025-05-01 | CVE-2025-3874 | Authorization Bypass Through User-Controlled Key vulnerability in Tipsandtricks-Hq Wordpress Simple Paypal Shopping Cart The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 due to lack of randomization of a user controlled key. | 6.5 |
| 2025-05-01 | CVE-2025-3889 | Authorization Bypass Through User-Controlled Key vulnerability in Tipsandtricks-Hq Wordpress Simple Paypal Shopping Cart The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.3 via the 'process_payment_data' due to missing validation on a user controlled key. | 5.3 |
| 2025-05-01 | CVE-2025-3890 | Cross-site Scripting vulnerability in Tipsandtricks-Hq Wordpress Simple Paypal Shopping Cart The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_cart_button' shortcode in all versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2025-05-01 | CVE-2025-4163 | Injection vulnerability in PHPgurukul Land Record System 1.0 A vulnerability, which was classified as critical, has been found in PHPGurukul Land Record System 1.0. | 9.8 |
| 2025-05-01 | CVE-2025-4164 | Injection vulnerability in PHPgurukul Employee Record Management System 1.3 A vulnerability, which was classified as critical, was found in PHPGurukul Employee Record Management System 1.3. | 9.8 |
| 2025-05-01 | CVE-2025-4161 | A vulnerability classified as critical has been found in PCMan FTP Server up to 2.0.7. | 7.3 |
| 2025-05-01 | CVE-2025-4162 | A vulnerability classified as critical was found in PCMan FTP Server up to 2.0.7. | 7.3 |
| 2025-05-01 | CVE-2025-4159 | A vulnerability was found in PCMan FTP Server up to 2.0.7. | 7.3 |
| 2025-05-01 | CVE-2025-4160 | A vulnerability was found in PCMan FTP Server up to 2.0.7. | 7.3 |