2025-01-11 | CVE-2024-12627 | The Coupon X: Discount Pop Up, Promo Code Pop Ups, Announcement Pop Up, WooCommerce Popups plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3.5 via deserialization of untrusted input from post content passed to the capture_email AJAX action. | 7.5 |
2025-01-10 | CVE-2025-23110 | Cross-site Scripting vulnerability in Vanderbilt Redcap 14.9.6 An issue was discovered in REDCap 14.9.6. | 6.1 |
2025-01-10 | CVE-2025-23111 | Cross-site Scripting vulnerability in Vanderbilt Redcap 14.9.6 An issue was discovered in REDCap 14.9.6. | 6.1 |
2025-01-10 | CVE-2025-23112 | Cross-site Scripting vulnerability in Vanderbilt Redcap 14.9.6 An issue was discovered in REDCap 14.9.6. | 6.1 |
2025-01-10 | CVE-2025-23113 | Cross-Site Request Forgery (CSRF) vulnerability in Vanderbilt Redcap 14.9.6 An issue was discovered in REDCap 14.9.6. | 8.8 |
2025-01-10 | CVE-2024-56511 | Unspecified vulnerability in Dataease DataEase is an open source data visualization analysis tool. network low complexity dataease critical | 9.8 |
2025-01-10 | CVE-2025-23022 | Integer Overflow or Wraparound vulnerability in Freetype 2.8.1 FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c. | 6.2 |
2025-01-10 | CVE-2024-41787 | IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 could allow a remote attacker to bypass security restrictions, caused by a race condition. network low complexity CWE-367 critical | 9.8 |
2025-01-10 | CVE-2024-13318 | Unspecified vulnerability in Smartdatasoft Essential WP Real Estate The Essential WP Real Estate plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cl_delete_listing_func() function in all versions up to, and including, 1.1.3. | 5.3 |
2025-01-10 | CVE-2024-13183 | Cross-site Scripting vulnerability in Themeisle Orbit FOX The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title_tag’ parameter in all versions up to, and including, 2.10.43 due to insufficient input sanitization and output escaping. | 5.4 |