Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2025-02-19 CVE-2024-13468 The Trash Duplicate and 301 Redirect plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'duplicates-action-top' action in all versions up to, and including, 1.9.
network
low complexity
CWE-862
7.5
7.5
2025-02-19 CVE-2024-13592 The Team Builder For WPBakery Page Builder(Formerly Visual Composer) plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0 via the 'team-builder-vc' shortcode.
network
high complexity
CWE-98
7.5
7.5
2025-02-19 CVE-2025-1441 Cross-Site Request Forgery (CSRF) vulnerability in Royal-Elementor-Addons Royal Elementor Addons
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.1007.
network
low complexity
royal-elementor-addons CWE-352
8.8
8.8
2025-02-19 CVE-2024-11582 The Subscribe2 – Form, Email Subscribers & Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ip parameter in all versions up to, and including, 10.43 due to insufficient input sanitization and output escaping.
network
low complexity
CWE-79
7.2
7.2
2025-02-19 CVE-2025-1448 A vulnerability was found in Synway SMG Gateway Management Software up to 20250204.
network
low complexity
CWE-74
7.3
7.3
2025-02-18 CVE-2025-27113 Unspecified vulnerability in Xmlsoft Libxml2
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.
network
low complexity
xmlsoft
7.5
7.5
2025-02-18 CVE-2025-26605 Unspecified vulnerability in Wegia
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.
network
low complexity
wegia
8.8
8.8
2025-02-18 CVE-2025-26614 SQL Injection vulnerability in Wegia 3.2.13
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.
network
low complexity
wegia CWE-89
8.8
8.8
2025-02-18 CVE-2025-26615 Improper Access Control vulnerability in Wegia 3.2.13
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.
network
low complexity
wegia CWE-284
7.5
7.5
2025-02-18 CVE-2025-26616 Improper Access Control vulnerability in Wegia 3.2.13
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.
network
low complexity
wegia CWE-284
7.5
7.5