| 2025-04-04 | CVE-2025-3259 | Out-of-bounds Write vulnerability in Tenda RX3 Firmware 16.03.13.11Multi
A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. | 8.8 |
| 2025-04-04 | CVE-2025-32220 | Missing Authorization vulnerability in Salonbookingsystem Salon Booking System
Missing Authorization vulnerability in Dimitri Grassi Salon booking system allows Exploiting Incorrectly Configured Access Control Security Levels. | 8.8 |
| 2025-04-04 | CVE-2025-32280 | Cross-Site Request Forgery (CSRF) vulnerability in Wedevs WP Project Manager
Cross-Site Request Forgery (CSRF) vulnerability in weDevs WP Project Manager allows Cross Site Request Forgery. | 8.8 |
| 2025-04-04 | CVE-2025-3243 | Unspecified vulnerability in Code-Projects Patient Record Management System 1.0
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. | 8.8 |
| 2025-04-04 | CVE-2025-3244 | Unrestricted Upload of File with Dangerous Type vulnerability in Senior-Walter Web-Based Pharmacy Product Management System 1.0
A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. | 8.8 |
| 2025-04-04 | CVE-2025-3229 | Injection vulnerability in PHPgurukul Restaurant Table Booking System 1.0
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. | 7.2 |
| 2025-04-04 | CVE-2025-3105 | The Vehica Core plugin for WordPress, used by the Vehica - Car Dealer & Listing WordPress Theme, is vulnerable to privilege escalation in all versions up to, and including, 1.0.97. | 8.8 |
| 2025-04-04 | CVE-2025-3215 | Injection vulnerability in PHPgurukul Restaurant Table Booking System 1.0
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as critical. | 8.8 |
| 2025-04-04 | CVE-2024-13708 | Unrestricted Upload of File with Dangerous Type vulnerability in Booster for Woocommerce
The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in versions 4.0.1 to 7.2.4 due to insufficient input sanitization and output escaping. | 7.2 |
| 2025-04-04 | CVE-2025-2270 | The Countdown, Coming Soon, Maintenance – Countdown & Clock plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.9.1 via the createCdObj function. network high complexity CWE-22 | 8.1 |