Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-02-25 | CVE-2025-26599 | Access of Uninitialized Pointer vulnerability in multiple products An access to an uninitialized pointer flaw was found in X.Org and Xwayland. | 7.8 |
2025-02-25 | CVE-2025-26600 | Use After Free vulnerability in multiple products A use-after-free flaw was found in X.Org and Xwayland. | 7.8 |
2025-02-25 | CVE-2025-26601 | Use After Free vulnerability in multiple products A use-after-free flaw was found in X.Org and Xwayland. | 7.8 |
2025-02-25 | CVE-2024-54444 | Cross-site Scripting vulnerability in Elementor Website Builder Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor Elementor Website Builder allows Stored XSS. | 5.4 |
2025-02-25 | CVE-2025-26871 | Missing Authorization vulnerability in Wpdeveloper Essential Blocks Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg allows Exploiting Incorrectly Configured Access Control Security Levels. | 8.8 |
2025-02-25 | CVE-2025-26935 | Path Traversal: '.../...//' vulnerability in Wpjobportal WP JOB Portal Path Traversal vulnerability in wpjobportal WP Job Portal allows PHP Local File Inclusion. | 8.8 |
2025-02-25 | CVE-2025-26977 | Authorization Bypass Through User-Controlled Key vulnerability in Ninjateam Filebird Authorization Bypass Through User-Controlled Key vulnerability in Ninja Team Filebird allows Exploiting Incorrectly Configured Access Control Security Levels. | 7.2 |
2025-02-25 | CVE-2025-1262 | Guessable CAPTCHA vulnerability in Webfactoryltd Advanced Google Recaptcha The Advanced Google reCaptcha plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 1.27 . | 5.3 |
2025-02-25 | CVE-2024-13693 | Improper Access Control vulnerability in Kriesi Enfold The Enfold theme for WordPress is vulnerable to unauthorized access of data due to a missing capability check in avia-export-class.php in all versions up to, and including, 6.0.9. | 5.3 |
2025-02-25 | CVE-2024-13695 | Server-Side Request Forgery (SSRF) vulnerability in Kriesi Enfold The Enfold theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.0.9 via the 'attachment_id' parameter. | 5.4 |