| 2025-03-07 | CVE-2025-2088 | Injection vulnerability in PHPgurukul Pre-School Enrollment System 1.0
A vulnerability, which was classified as critical, was found in PHPGurukul Pre-School Enrollment System up to 1.0. | 9.8 |
| 2025-03-07 | CVE-2024-12876 | Missing Authorization vulnerability in Uxper Golo
The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.10. | 9.8 |
| 2025-03-07 | CVE-2024-13904 | Server-Side Request Forgery (SSRF) vulnerability in Platformly Platform.Ly for Woocommerce
The Platform.ly for WooCommerce plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all versions up to, and including, 1.1.6 via the 'hooks' function. | 9.1 |
| 2025-03-07 | CVE-2025-1315 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Sfwebservice Injob
The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 3.5.1. | 9.8 |
| 2025-03-07 | CVE-2025-1475 | The WPCOM Member plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.7.5. network low complexity CWE-287 critical | 9.8 |
| 2025-03-06 | CVE-2024-12144 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Finder Fire Safety Finder ERP/CRM (Old System) allows SQL Injection.This issue affects Finder ERP/CRM (Old System): before 18.12.2024. network low complexity CWE-89 critical | 9.8 |
| 2025-03-05 | CVE-2024-12097 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Boceksoft Informatics E-Travel allows SQL Injection.This issue affects E-Travel: before 15.12.2024. network low complexity CWE-89 critical | 9.8 |
| 2025-03-05 | CVE-2024-13147 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Merkur Software B2B Login Panel allows SQL Injection.This issue affects B2B Login Panel: before 15.01.2025. network low complexity CWE-89 critical | 9.8 |
| 2025-03-05 | CVE-2024-11951 | The Homey Login Register plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.4.0. network low complexity CWE-269 critical | 9.8 |
| 2025-03-05 | CVE-2024-12281 | The Homey theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.4.2. network low complexity CWE-269 critical | 9.8 |