Total
8604 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-25692 | 3 Esri, Linux, Microsoft | 3 Portal For Arcgis, Linux Kernel, Windows | 2025-04-10 | N/A | 5.4 MEDIUM |
| There is a cross-site-request forgery vulnerability in Esri Portal for ArcGIS Versions 11.1 and below that may in some cases allow a remote, unauthenticated attacker to trick an authorized user into executing unwanted actions via a crafted form. The impact to Confidentiality and Integrity vectors is limited and of low severity. | |||||
| CVE-2024-21043 | 1 Oracle | 1 Complex Maintenance Repair And Overhaul | 2025-04-10 | N/A | 6.1 MEDIUM |
| Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Complex Maintenance, Repair, and Overhaul accessible data as well as unauthorized read access to a subset of Oracle Complex Maintenance, Repair, and Overhaul accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). | |||||
| CVE-2025-31034 | 2025-04-09 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in AboZain Albanna Customize Login Page allows Cross Site Request Forgery. This issue affects Customize Login Page: from n/a through 1.1. | |||||
| CVE-2025-32661 | 2025-04-09 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Interactive US Map allows Stored XSS. This issue affects Interactive US Map: from n/a through 2.7. | |||||
| CVE-2025-32480 | 2025-04-09 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in dalziel Windows Live Writer allows Stored XSS. This issue affects Windows Live Writer: from n/a through 0.1. | |||||
| CVE-2025-31388 | 2025-04-09 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in doa The World allows Stored XSS. This issue affects The World: from n/a through 0.4. | |||||
| CVE-2025-32494 | 2025-04-09 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in bozdoz reCAPTCHA Jetpack allows Cross Site Request Forgery. This issue affects reCAPTCHA Jetpack: from n/a through 0.2.2. | |||||
| CVE-2025-32617 | 2025-04-09 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Ydesignservices Multiple Location Google Map allows Stored XSS. This issue affects Multiple Location Google Map: from n/a through 1.1. | |||||
| CVE-2025-31395 | 2025-04-09 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in a.ankit Easy Custom CSS allows Stored XSS. This issue affects Easy Custom CSS: from n/a through 1.0. | |||||
| CVE-2025-31005 | 2025-04-09 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Uzair Easyfonts allows Cross Site Request Forgery. This issue affects Easyfonts: from n/a through 1.1.2. | |||||
| CVE-2025-31390 | 2025-04-09 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in bdoga Social Crowd allows Stored XSS. This issue affects Social Crowd: from n/a through 0.9.6.1. | |||||
| CVE-2025-32556 | 2025-04-09 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sandor Kovacs Simple Post Meta Manager allows Reflected XSS. This issue affects Simple Post Meta Manager: from n/a through 1.0.9. | |||||
| CVE-2025-32591 | 2025-04-09 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Kevon Adonis WP Abstracts allows Cross Site Request Forgery. This issue affects WP Abstracts: from n/a through 2.7.4. | |||||
| CVE-2025-31382 | 2025-04-09 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in theode Language Field allows Stored XSS. This issue affects Language Field: from n/a through 0.9. | |||||
| CVE-2025-32477 | 2025-04-09 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Jordi Salord WP-Easy Menu allows Stored XSS. This issue affects WP-Easy Menu: from n/a through 0.41. | |||||
| CVE-2025-32669 | 2025-04-09 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in MERGADO Mergado Pack allows Stored XSS. This issue affects Mergado Pack: from n/a through 4.1.1. | |||||
| CVE-2025-32576 | 2025-04-09 | N/A | 9.6 CRITICAL | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Agence web Eoxia - Montpellier WP shop allows Upload a Web Shell to a Web Server. This issue affects WP shop: from n/a through 2.6.0. | |||||
| CVE-2025-32664 | 2025-04-09 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in ashokbasnet Nepali Date Utilities allows Stored XSS. This issue affects Nepali Date Utilities: from n/a through 1.0.13. | |||||
| CVE-2025-32484 | 2025-04-09 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Mathieu Chartier WP-Planification allows Stored XSS. This issue affects WP-Planification: from n/a through 2.3.1. | |||||
| CVE-2025-25056 | 2025-04-09 | N/A | 4.3 MEDIUM | ||
| Cross-site request forgery vulnerability exists in Wi-Fi AP UNIT 'AC-WPS-11ac series'. If a user views a malicious page while logged in, unintended operations may be performed. | |||||