| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2025-50008 | WordPress WooCommerce Manager – Customize and Control Cart page, Add to Cart button, Checkout fields easily plugin <= 1.2.4.5 - Broken Access Control Vulnerability | | |
| CVE-2025-50009 | WordPress Kata Plus plugin <= 1.5.3 - Broken Access Control Vulnerability | | |
| CVE-2025-50010 | WordPress Zapier for WordPress plugin <= 1.5.2 - Broken Access Control Vulnerability | | |
| CVE-2025-50011 | WordPress plugin Recipes manager - WPH <=1.0.4 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50012 | WordPress Inventory Presser plugin <= 15.0.0 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50013 | WordPress CSV Importer Improved plugin <= 0.6.1 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50014 | WordPress PDPA Consent for Thailand plugin <= 1.1.1 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50015 | WordPress Hand Talk plugin <= 6.0 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50016 | WordPress IP Based Login plugin <= 2.4.2 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50017 | WordPress WP Voting Contest plugin <= 5.8 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50018 | WordPress Tealium plugin <= 2.1.17 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50019 | WordPress Simple Sticky Footer plugin <= 1.3.5 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50020 | WordPress RDFa Breadcrumb plugin <= 2.3 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50021 | WordPress Better Random Redirect plugin <= 1.3.20 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50022 | WordPress WP-FB-AutoConnect plugin <= 4.6.3 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50023 | WordPress CodePen Embed Block plugin <= 1.1.1 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50024 | WordPress ATP Call Now plugin <= 1.0.3 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50025 | WordPress CP Polls plugin <= 1.0.81 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50026 | WordPress Spoki plugin <= 2.16.0 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50027 | WordPress Login/Signup Popup plugin <= 2.9.4 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50030 | WordPress Spark Multipurpose theme <= 1.0.7 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50032 | WordPress Paytiko for WooCommerce <= 1.3.14 - Broken Access Control Vulnerability | | |
| CVE-2025-50033 | WordPress Fitness Park theme <= 1.1.1 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50034 | WordPress Enhanced Blocks – Page Builder Blocks for Gutenberg plugin <= 1.4.1 - Broken Access Control Vulnerability | | |
| CVE-2025-50035 | WordPress Fyrebox Quizzes plugin <= 3.0 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50036 | WordPress Mailing Group Listserv plugin <= 3.0.5 - Cross Site Request Forgery (CSRF) Vulnerability | | |
| CVE-2025-50037 | WordPress Buying Buddy IDX CRM plugin <= 2.3.0 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50038 | WordPress Anant Addons for Elementor plugin <= 1.2.0 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50039 | WordPress VG WORT METIS <= 2.0.0 - Broken Access Control Vulnerability | | |
| CVE-2025-50041 | WordPress Gutenberg Blocks – ACF Blocks Suite plugin <= 2.6.11 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50042 | WordPress WP Register Profile With Shortcode plugin <= 3.6.1 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50043 | WordPress Code Engine plugin <= 0.3.2 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50044 | WordPress Real Estate Manager plugin <= 7.3 - Cross Site Request Forgery (CSRF) Vulnerability | | |
| CVE-2025-50045 | WordPress Related Products Manager for WooCommerce plugin <= 1.6.2 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50046 | WordPress WPComplete plugin <= 2.9.5 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50047 | WordPress Sitekit plugin <= 1.9 - Cross Site Scripting (XSS) Vulnerability | S | |
| CVE-2025-50048 | WordPress Automatically Hierarchic Categories in Menu plugin <= 2.0.9 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50049 | WordPress Modern Footnotes plugin <= 1.4.19 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50050 | WordPress Jobs for WordPress plugin <= 2.7.12 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50051 | WordPress WP-Members plugin <= 3.5.4 - Cross Site Scripting (XSS) Vulnerability | S | |
| CVE-2025-50052 | WordPress Flexo Counter plugin <= 1.0001 - Cross Site Scripting (XSS) Vulnerability | | |
| CVE-2025-50054 | Buffer overflow in OpenVPN ovpn-dco-win version 1.3.0 and earlier and version 2.5.8 and earlier allo... | | |
| CVE-2025-50109 | Emerson ValveLink Products Cleartext Storage of Sensitive Information in Memory | S | |
| CVE-2025-50121 | CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') v... | | |
| CVE-2025-50122 | CWE-331: Insufficient Entropy vulnerability exists that could cause root password discovery when the... | | |
| CVE-2025-50123 | CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that could ca... | | |
| CVE-2025-50124 | CWE-269: Improper Privilege Management vulnerability exists that could cause privilege escalation wh... | | |
| CVE-2025-50125 | CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthenticated re... | | |
| CVE-2025-50130 | A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provid... | | |
| CVE-2025-50142 | Rejected reason: Not used... | R | |
| CVE-2025-50143 | Rejected reason: Not used... | R | |
| CVE-2025-50144 | Rejected reason: Not used... | R | |
| CVE-2025-50145 | Rejected reason: Not used... | R | |
| CVE-2025-50146 | Rejected reason: Not used... | R | |
| CVE-2025-50147 | Rejected reason: Not used... | R | |
| CVE-2025-50148 | Rejected reason: Not used... | R | |
| CVE-2025-50149 | Rejected reason: Not used... | R | |
| CVE-2025-50150 | Rejected reason: Not used... | R | |
| CVE-2025-50178 | GitForge.jl lacks validation for user provided fields | | |
| CVE-2025-50179 | Tuleap missing CSRF protection on tracker reports manipulation | | |
| CVE-2025-50181 | urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation | | |
| CVE-2025-50182 | urllib3 does not control redirects in browsers and Node.js | | |
| CVE-2025-50183 | OpenList (frontend) allows XSS Attacks in the built-in Markdown Viewer | | |
| CVE-2025-50200 | RabbitMQ Node can log Basic Auth header from an HTTP request | | |
| CVE-2025-50201 | WeGIA OS Command Injection in debug_info.php parameter 'branch' | E S | |
| CVE-2025-50202 | Lychee Path Traversal Vulnerability | | |
| CVE-2025-50213 | Apache Airflow Providers Snowflake: Potential SQL injection in CopyFromExternalStageToSnowflakeOperator | S | |
| CVE-2025-50258 | Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the SetSysTimeCfg function via the ... | E | |
| CVE-2025-50260 | Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetFirewallCfg function via... | E | |
| CVE-2025-50262 | Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetQosBand function via the... | E | |
| CVE-2025-50263 | Tenda AC6 v15.03.05.16_multi is vulnerable to Buffer Overflow in the fromSetRouteStatic function via... | E | |
| CVE-2025-50348 | PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-... | E | |
| CVE-2025-50349 | PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-... | E | |
| CVE-2025-50350 | PHPGurukul Pre-School Enrollment System Project v1.0 is vulnerable to Directory Traversal in manage-... | E | |
| CVE-2025-50367 | A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generatio... | | |
| CVE-2025-50369 | A Cross-Site Request Forgery (CSRF) vulnerability exists in the Manage Card functionality (/mcgs/adm... | | |
| CVE-2025-50370 | A Cross-Site Request Forgery (CSRF) vulnerability exists in the Inquiry Management functionality /mc... | | |
| CVE-2025-50404 | Intelbras RX1500 Router v2.2.17 and before is vulnerable to Integer Overflow. The websReadEvent func... | | |
| CVE-2025-50405 | Intelbras RX1500 Router v2.2.17 and before is vulnerable to Incorrect Access Control in the Firmware... | | |
| CVE-2025-50528 | A buffer overflow vulnerability exists in the fromNatStaticSetting function of Tenda AC6 <=V15.03.05... | E | |
| CVE-2025-50641 | Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the addWifiMacFilter function via th... | E | |
| CVE-2025-50693 | PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Insecure Direct Object Reference... | E | |
| CVE-2025-50695 | PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in /a... | E | |
| CVE-2025-50699 | PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in od... | E |