| 2025-03-28 | CVE-2025-2294 | The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via thekubio_hybrid_theme_load_template function. network low complexity CWE-22 critical | 9.8 |
| 2025-03-27 | CVE-2025-30361 | Improper Authentication vulnerability in Wegia
WeGIA is a Web manager for charitable institutions. | 9.8 |
| 2025-03-27 | CVE-2025-30364 | Unspecified vulnerability in Wegia
WeGIA is a Web manager for charitable institutions. network low complexity wegia critical | 9.8 |
| 2025-03-27 | CVE-2025-30365 | SQL Injection vulnerability in Wegia
WeGIA is a Web manager for charitable institutions. | 9.8 |
| 2025-03-27 | CVE-2025-30367 | SQL Injection vulnerability in Wegia
WeGIA is a Web manager for charitable institutions. | 9.8 |
| 2025-03-27 | CVE-2025-2332 | The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.13 via deserialization of untrusted input in the 'returnMetaValueAsCustomerInput' function. network low complexity CWE-502 critical | 9.8 |
| 2025-03-27 | CVE-2025-2831 | SQL Injection vulnerability in Mingyuefusu Library Management System
A vulnerability has been found in mingyuefusu ???? tushuguanlixitong ?????? up to d4836f6b49cd0ac79a4021b15ce99ff7229d4694 and classified as critical. | 9.8 |
| 2025-03-26 | CVE-2024-47516 | A vulnerability was found in Pagure. network low complexity CWE-88 critical | 9.8 |
| 2025-03-24 | CVE-2025-2690 | Deserialization of Untrusted Data vulnerability in Yiiframework YII
A vulnerability, which was classified as critical, was found in yiisoft Yii2 up to 2.0.39. | 9.8 |
| 2025-03-24 | CVE-2025-2689 | Deserialization of Untrusted Data vulnerability in Yiiframework YII
A vulnerability, which was classified as critical, has been found in yiisoft Yii2 up to 2.0.45. | 9.8 |