Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-31 | CVE-2025-0493 | The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Limited Local File Inclusion in all versions up to, and including, 4.2.14 via the tabname parameter. | 9.8 |
| 2025-01-30 | CVE-2025-0874 | SQL Injection vulnerability in Fabianros Simple CAR Rental System 1.0 A vulnerability, which was classified as critical, has been found in code-projects Simple Plugins Car Rental Management 1.0. | 9.8 |
| 2025-01-30 | CVE-2025-0873 | SQL Injection vulnerability in Angeljudesuarez Tailoring Management System 1.0 A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. | 9.8 |
| 2025-01-30 | CVE-2025-0872 | SQL Injection vulnerability in Angeljudesuarez Tailoring Management System 1.0 A vulnerability classified as critical has been found in itsourcecode Tailoring Management System 1.0. | 9.8 |
| 2025-01-30 | CVE-2024-12822 | The Media Manager for UserPro plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the add_capto_img() function in all versions up to, and including, 3.11.0. | 9.8 |
| 2025-01-30 | CVE-2024-13720 | Path Traversal vulnerability in Ivanm WP Image Uploader The WP Image Uploader plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the gky_image_uploader_main_function() function in all versions up to, and including, 1.0.1. | 9.1 |
| 2025-01-30 | CVE-2024-13742 | Deserialization of Untrusted Data vulnerability in Icontrolwp The iControlWP – Multiple WordPress Site Manager plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.5 via deserialization of untrusted input from the reqpars parameter. | 9.8 |
| 2025-01-30 | CVE-2025-0847 | SQL Injection vulnerability in 1000Projects Employee Task Management System 1.0 A vulnerability was found in 1000 Projects Employee Task Management System 1.0. | 9.8 |
| 2025-01-30 | CVE-2025-0846 | SQL Injection vulnerability in 1000Projects Employee Task Management System 1.0 A vulnerability was found in 1000 Projects Employee Task Management System 1.0. | 9.8 |
| 2025-01-29 | CVE-2025-0843 | SQL Injection vulnerability in Needyamin Library Card System 1.0 A vulnerability was found in needyamin Library Card System 1.0. | 9.8 |