Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-12 | CVE-2025-1508 | Missing Authorization vulnerability in Themeum WP Crowdfunding The WP Crowdfunding plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the download_data action in all versions up to, and including, 2.1.13. | 5.3 |
| 2025-03-12 | CVE-2025-2076 | Cross-site Scripting vulnerability in Gnarf Binlayerpress The binlayerpress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. | 4.8 |
| 2025-03-12 | CVE-2025-2077 | Cross-site Scripting vulnerability in Duogeek Simple Amazon Affiliate The Simple Amazon Affiliate plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'msg' parameter in all versions up to, and including, 1.0.9 due to insufficient input sanitization and output escaping. | 6.1 |
| 2025-03-12 | CVE-2025-2078 | Cross-site Scripting vulnerability in Gkdv Blogbuzztime for WP The BlogBuzzTime for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. | 4.8 |
| 2025-03-12 | CVE-2025-2205 | The GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice – CCPA, DSGVO, RGPD plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.15.6 due to insufficient input sanitization and output escaping. | 4.4 |
| 2025-03-12 | CVE-2025-2220 | Key Management Errors vulnerability in Odysseyautomation Odyssey CMS A vulnerability was found in Odyssey CMS up to 10.34. | 7.8 |
| 2025-03-12 | CVE-2025-2218 | Incorrect Privilege Assignment vulnerability in Lovecards A vulnerability has been found in LoveCards LoveCardsV2 up to 2.3.2 and classified as critical. | 9.8 |
| 2025-03-12 | CVE-2025-2219 | Unrestricted Upload of File with Dangerous Type vulnerability in Lovecards A vulnerability was found in LoveCards LoveCardsV2 up to 2.3.2 and classified as critical. | 9.8 |
| 2025-03-12 | CVE-2025-2215 | A vulnerability classified as critical was found in Doufox up to 0.2.0. | 4.7 |
| 2025-03-12 | CVE-2025-2216 | Unrestricted Upload of File with Dangerous Type vulnerability in Zzskzy Warehouse Refinement Management System 1.3 A vulnerability, which was classified as critical, has been found in zzskzy Warehouse Refinement Management System 1.3. | 9.8 |