2025-05-10 | CVE-2025-4501 | Out-of-bounds Write vulnerability in Fabianros Album Management System 1.0 A vulnerability, which was classified as critical, was found in code-projects Album Management System 1.0. | 7.8 |
2025-05-10 | CVE-2025-3876 | Missing Authorization vulnerability in Cozyvision SMS Alert Order Notifications The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Privilege Escalation due to insufficient user OTP validation in the handleWpLoginCreateUserAction() function in all versions up to, and including, 3.8.1. | 8.8 |
2025-05-10 | CVE-2025-3878 | Cross-site Scripting vulnerability in Cozyvision SMS Alert Order Notifications The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sa_verify shortcode in all versions up to, and including, 3.8.1 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2025-05-10 | CVE-2025-4499 | Out-of-bounds Write vulnerability in Fabianros Simple Hospital Management System 1.0 A vulnerability classified as critical was found in code-projects Simple Hospital Management System 1.0. | 7.8 |
2025-05-10 | CVE-2025-2158 | The WordPress Review Plugin: The Ultimate Solution for Building a Review Website plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.3.5 via the Post custom fields. | 8.8 |
2025-05-10 | CVE-2025-4498 | Out-of-bounds Write vulnerability in Fabianros Simple BUS Reservation System 1.0 A vulnerability classified as critical has been found in code-projects Simple Bus Reservation System 1.0. | 7.8 |
2025-05-10 | CVE-2025-4497 | Classic Buffer Overflow vulnerability in Code-Projects Simple Banking System A vulnerability was found in code-projects Simple Banking System up to 1.0. | 7.8 |
2025-05-10 | CVE-2025-2944 | The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Video Button and Countdown Widgets in all versions up to, and including, 2.6.12 due to insufficient input sanitization and output escaping on user supplied attributes. | 6.4 |
2025-05-10 | CVE-2025-1137 | IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization. network high complexity CWE-77 | 7.5 |
2025-05-10 | CVE-2025-4495 | A vulnerability has been found in JAdmin-JAVA JAdmin 1.0 and classified as problematic. | 3.5 |