Search

Search Results (366292 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-12807 1 Artlosk 1 Social Share Buttons 2025-05-11 4.8 Medium
The Social Share Buttons for WordPress plugin through 2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
CVE-2024-39501 1 Redhat 1 Enterprise Linux 2025-05-10 4.7 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2023-53063 2025-05-10 5.5 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2022-48917 2025-05-10 5.0 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-37835 2025-05-10 5.5 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-37795 2025-05-10 7.1 High
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2024-50016 2025-05-10 5.5 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-47770 2025-05-10 N/A
Not used
CVE-2025-47769 2025-05-10 N/A
Not used
CVE-2025-47768 2025-05-10 N/A
Not used
CVE-2025-47767 2025-05-10 N/A
Not used
CVE-2025-47766 2025-05-10 N/A
Not used
CVE-2025-47765 2025-05-10 N/A
Not used
CVE-2025-47764 2025-05-10 N/A
Not used
CVE-2025-47763 2025-05-10 N/A
Not used
CVE-2025-47762 2025-05-10 N/A
Not used
CVE-2022-42983 1 Anji-plus 1 Aj-report 2025-05-10 8.8 High
anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing JWT Tokens.
CVE-2022-42980 1 Go-admin 1 Go-admin 2025-05-10 9.8 Critical
go-admin (aka GO Admin) 2.0.12 uses the string go-admin as a production JWT key.
CVE-2022-42975 1 Phoenixframework 1 Phoenix 2025-05-10 7.5 High
socket/transport.ex in Phoenix before 1.6.14 mishandles check_origin wildcarding. NOTE: LiveView applications are unaffected by default because of the presence of a LiveView CSRF token.
CVE-2022-42237 1 Merchandise Online Store Project 1 Merchandise Online Store 2025-05-10 9.8 Critical
A SQL Injection issue in Merchandise Online Store v.1.0 allows an attacker to log in to the admin account.