Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-03-08 | CVE-2025-1481 | Missing Authorization vulnerability in Jozoor Shortcode Cleaner Lite: The Shortcode Cleaner Lite plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the download_backup() function in all versions up to, and including, 1.0.9. | 4.3 |
2025-03-08 | CVE-2025-1504 | Missing Authorization vulnerability in Andypalmer Post Lockdown: The Post Lockdown plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 4.0.2 via the 'pl_autocomplete' AJAX action due to insufficient restrictions on which posts can be included. | 6.5 |
2025-03-08 | CVE-2025-1261 | Cross-site Scripting vulnerability in Hasthemes HT Mega: The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
2025-03-07 | CVE-2025-2097 | Out-of-bounds Write vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316: A vulnerability, which was classified as critical, has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. | 9.8 |
2025-03-07 | CVE-2025-2094 | OS Command Injection vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316: A vulnerability was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. | 9.8 |
2025-03-07 | CVE-2025-2095 | OS Command Injection vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316: A vulnerability classified as critical has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. | 9.8 |
2025-03-07 | CVE-2025-2096 | OS Command Injection vulnerability in Totolink Ex1800T Firmware 9.1.0Cu.2112B20220316: A vulnerability classified as critical was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. | 9.8 |
2025-03-07 | CVE-2025-26643 | Unspecified vulnerability in Microsoft Edge Chromium: The UI performs the wrong action in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | 5.4 |
2025-03-07 | CVE-2023-35894 | Improper Neutralization of HTTP Headers for Scripting Syntax vulnerability in IBM Sterling Control Center 6.2.1/6.3.1: IBM Control Center 6.2.1 through 6.3.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. | 6.1 |
2025-03-07 | CVE-2023-43052 | IBM Control Center 6.2.1 through 6.3.1 is vulnerable to an external service interaction attack, caused by improper validation of user-supplied input. | 5.3 |