| 2025-02-19 | CVE-2025-1134 | SQL Injection vulnerability in Churchcrm
A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to execute arbitrary SQL queries by exploiting a boolean-based and time-based blind SQL Injection vulnerability in the DonatedItemEditor functionality. | 7.2 |
| 2025-02-19 | CVE-2025-1135 | SQL Injection vulnerability in Churchcrm
A vulnerability exists in ChurchCRM 5.13.0. | 7.2 |
| 2025-02-19 | CVE-2024-13468 | The Trash Duplicate and 301 Redirect plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'duplicates-action-top' action in all versions up to, and including, 1.9. | 7.5 |
| 2025-02-19 | CVE-2024-13592 | The Team Builder For WPBakery Page Builder(Formerly Visual Composer) plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0 via the 'team-builder-vc' shortcode. network high complexity CWE-98 | 7.5 |
| 2025-02-19 | CVE-2025-1441 | Cross-Site Request Forgery (CSRF) vulnerability in Royal-Elementor-Addons Royal Elementor Addons
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.1007. | 8.8 |
| 2025-02-19 | CVE-2024-11582 | The Subscribe2 – Form, Email Subscribers & Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ip parameter in all versions up to, and including, 10.43 due to insufficient input sanitization and output escaping. | 7.2 |
| 2025-02-19 | CVE-2025-1448 | A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. | 7.3 |
| 2025-02-18 | CVE-2025-27113 | Unspecified vulnerability in Xmlsoft Libxml2
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c. | 7.5 |
| 2025-02-18 | CVE-2025-26614 | SQL Injection vulnerability in Wegia 3.2.13
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. | 8.8 |
| 2025-02-18 | CVE-2025-26615 | Improper Access Control vulnerability in Wegia 3.2.13
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. | 7.5 |