Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-03-09 CVE-2025-2117 A vulnerability was found in Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System 3.0 and classified as critical.
network, low complexity, CWE-74, 6.3
2025-03-09 CVE-2025-2116 A vulnerability has been found in Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System 3.0 and classified as problematic.
network, low complexity, CWE-918, 4.3
2025-03-09 CVE-2025-2114 A vulnerability, which was classified as problematic, has been found in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 7.
network, high complexity, CWE-266, 3.7
2025-03-08 CVE-2025-27840 Unspecified vulnerability in Espressif Esp32 Firmware
Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory).
low complexity, espressif, 6.8
2025-03-08 CVE-2024-10326 Missing Authorization vulnerability in Rometheme Romethemekit for Elementor
The RomethemeKit For Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_options and reset_widgets functions in all versions up to, and including, 1.5.3.
network, low complexity, rometheme, CWE-862, 4.3
2025-03-08 CVE-2024-13924 Server-Side Request Forgery (SSRF) vulnerability in Fancywp Starter Templates
The Starter Templates by FancyWP plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 2.0.0 via the 'http_request_host_is_external' filter.
network, low complexity, fancywp, CWE-918, critical, 9.1
2025-03-08 CVE-2024-11640 Cross-Site Request Forgery (CSRF) vulnerability in E4Jconnect Vikrentcar
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2.
network, low complexity, e4jconnect, CWE-352, 8.8
2025-03-08 CVE-2024-13649 Cross-site Scripting vulnerability in Wpxpro Xpro Addons for Elementor
The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 1.4.6.7 due to insufficient input sanitization and output escaping.
network, low complexity, wpxpro, CWE-79, 5.4
2025-03-08 CVE-2024-13675 Cross-site Scripting vulnerability in Funnelkit Slingblocks
The SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the "Icon List" Block in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping.
network, low complexity, funnelkit, CWE-79, 5.4
2025-03-08 CVE-2025-1664 Cross-site Scripting vulnerability in Wpdeveloper Essential Blocks
The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Parallax slider in all versions up to, and including, 5.3.1 due to insufficient input sanitization and output escaping.
network, low complexity, wpdeveloper, CWE-79, 5.4