{
"Source": "CVE FEED",
"Title": "CVE-2025-64381 - WordPress Booking Calendar plugin <= 10.14.7 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-64381
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevelop Booking Calendar booking allows Stored XSS.This issue affects Booking Calendar: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64381 - WordPress Booking Calendar plugin <= 10.14.7 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-64381
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevelop Booking Calendar booking allows Stored XSS.This issue affects Booking Calendar: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64382 - WordPress Order Export & Order Import for WooCommerce plugin <= 2.6.7 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64382
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in WebToffee Order Export & Order Import for WooCommerce order-import-export-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Export & Order Import for WooCommerce: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64382 - WordPress Order Export & Order Import for WooCommerce plugin <= 2.6.7 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64382
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in WebToffee Order Export & Order Import for WooCommerce order-import-export-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Export & Order Import for WooCommerce: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64383 - WordPress Qi Blocks plugin <= 1.4.3 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-64383
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Qode Qi Blocks qi-blocks allows Stored XSS.This issue affects Qi Blocks: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64383 - WordPress Qi Blocks plugin <= 1.4.3 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-64383
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Qode Qi Blocks qi-blocks allows Stored XSS.This issue affects Qi Blocks: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-7704 - Supermicro BMC SMASH services has a Stack-based buffer overflow vulnerability",
"Content": "CVE ID : CVE-2025-7704
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-7704 - Supermicro BMC SMASH services has a Stack-based buffer overflow vulnerability",
"Content": "CVE ID : CVE-2025-7704
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64277 - WordPress ChatBot plugin <= 7.3.9 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64277
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64277 - WordPress ChatBot plugin <= 7.3.9 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64277
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64292 - WordPress Analytics Germanized for Google Analytics plugin <= 1.6.2 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-64292
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PascalBajorat Analytics Germanized for Google Analytics ga-germanized allows DOM-Based XSS.This issue affects Analytics Germanized for Google Analytics: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64292 - WordPress Analytics Germanized for Google Analytics plugin <= 1.6.2 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-64292
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PascalBajorat Analytics Germanized for Google Analytics ga-germanized allows DOM-Based XSS.This issue affects Analytics Germanized for Google Analytics: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64369 - WordPress Contact Form Email plugin <= 1.3.58 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64369
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64369 - WordPress Contact Form Email plugin <= 1.3.58 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64369
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64370 - WordPress YOP Poll plugin <= 6.5.38 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64370
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in YOP YOP Poll yop-poll allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YOP Poll: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64370 - WordPress YOP Poll plugin <= 6.5.38 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64370
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in YOP YOP Poll yop-poll allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YOP Poll: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64379 - WordPress Booster for WooCommerce plugin <= 7.4.0 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64379
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64379 - WordPress Booster for WooCommerce plugin <= 7.4.0 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64379
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64269 - WordPress WooCommerce PDF Invoice Builder plugin <= 1.2.150 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64269
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder woo-pdf-invoice-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce PDF Invoice Builder: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64269 - WordPress WooCommerce PDF Invoice Builder plugin <= 1.2.150 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64269
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder woo-pdf-invoice-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce PDF Invoice Builder: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64271 - WordPress WP Plugin Manager plugin <= 1.4.7 - cross site request forgery (csrf) vulnerability",
"Content": "CVE ID : CVE-2025-64271
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in HasThemes WP Plugin Manager wp-plugin-manager allows Cross Site Request Forgery.This issue affects WP Plugin Manager: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64271 - WordPress WP Plugin Manager plugin <= 1.4.7 - cross site request forgery (csrf) vulnerability",
"Content": "CVE ID : CVE-2025-64271
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in HasThemes WP Plugin Manager wp-plugin-manager allows Cross Site Request Forgery.This issue affects WP Plugin Manager: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64274 - WordPress WPKoi Templates for Elementor plugin <= 3.4.4 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64274
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in wpkoithemes WPKoi Templates for Elementor wpkoi-templates-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPKoi Templates for Elementor: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64274 - WordPress WPKoi Templates for Elementor plugin <= 3.4.4 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64274
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in wpkoithemes WPKoi Templates for Elementor wpkoi-templates-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPKoi Templates for Elementor: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64276 - WordPress Survey Maker plugin <= 5.1.9.4 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64276
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in Ays Pro Survey Maker survey-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Survey Maker: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64276 - WordPress Survey Maker plugin <= 5.1.9.4 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64276
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in Ays Pro Survey Maker survey-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Survey Maker: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64267 - WordPress WooCommerce Ultimate Points And Rewards plugin <= 2.10.2 - sensitive data exposure vulnerability",
"Content": "CVE ID : CVE-2025-64267
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPSwings WooCommerce Ultimate Points And Rewards woocommerce-ultimate-points-and-rewards allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce Ultimate Points And Rewards: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64267 - WordPress WooCommerce Ultimate Points And Rewards plugin <= 2.10.2 - sensitive data exposure vulnerability",
"Content": "CVE ID : CVE-2025-64267
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPSwings WooCommerce Ultimate Points And Rewards woocommerce-ultimate-points-and-rewards allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce Ultimate Points And Rewards: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64275 - WordPress Booking Manager plugin <= 2.1.17 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-64275
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevelop Booking Manager booking-manager allows Stored XSS.This issue affects Booking Manager: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64275 - WordPress Booking Manager plugin <= 2.1.17 - cross site scripting (xss) vulnerability",
"Content": "CVE ID : CVE-2025-64275
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevelop Booking Manager booking-manager allows Stored XSS.This issue affects Booking Manager: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64259 - WordPress Theater for WordPress plugin <= 0.18.8 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64259
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in Jeroen Schmit Theater for WordPress theatre allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theater for WordPress: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64259 - WordPress Theater for WordPress plugin <= 0.18.8 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64259
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in Jeroen Schmit Theater for WordPress theatre allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Theater for WordPress: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64261 - WordPress Appointment Booking Calendar plugin <= 1.3.95 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64261
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in codepeople Appointment Booking Calendar appointment-booking-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appointment Booking Calendar: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64261 - WordPress Appointment Booking Calendar plugin <= 1.3.95 - broken access control vulnerability",
"Content": "CVE ID : CVE-2025-64261
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Missing Authorization vulnerability in codepeople Appointment Booking Calendar appointment-booking-calendar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appointment Booking Calendar: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-64262 - WordPress Auto Prune Posts plugin <= 3.0.0 - cross site request forgery (csrf) vulnerability",
"Content": "CVE ID : CVE-2025-64262
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in ramon fincken Auto Prune Posts auto-prune-posts allows Cross Site Request Forgery.This issue affects Auto Prune Posts: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-64262 - WordPress Auto Prune Posts plugin <= 3.0.0 - cross site request forgery (csrf) vulnerability",
"Content": "CVE ID : CVE-2025-64262
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 12 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in ramon fincken Auto Prune Posts auto-prune-posts allows Cross Site Request Forgery.This issue affects Auto Prune Posts: from n/a through <=
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-41069 - Insecure Direct Object References (IDOR) in DeporSite of T-Innova DeporSite",
"Content": "CVE ID : CVE-2025-41069
Published : Nov. 13, 2025, 1:23 p.m. | 7 minutes ago
Description : Insecure Direct Object Reference (IDOR) vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the 'idUsuario' parameter in โ/ajax/TInnova_v2/Formulario_Consentimiento/llamadaAjax/obtenerDatosConsentimientosโ, which could lead to the exposure or alteration os confidential data.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-41069 - Insecure Direct Object References (IDOR) in DeporSite of T-Innova DeporSite",
"Content": "CVE ID : CVE-2025-41069
Published : Nov. 13, 2025, 1:23 p.m. | 7 minutes ago
Description : Insecure Direct Object Reference (IDOR) vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the 'idUsuario' parameter in โ/ajax/TInnova_v2/Formulario_Consentimiento/llamadaAjax/obtenerDatosConsentimientosโ, which could lead to the exposure or alteration os confidential data.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-40681 - Cross-Site Scripting (XSS) in xCally Omnichannel",
"Content": "CVE ID : CVE-2025-40681
Published : Nov. 13, 2025, 1:15 p.m. | 14 minutes ago
Description : Cross-site Scripting (XSS) vulnerability reflected in xCally's Omnichannel v3.30.1. This vulnerability allowsan attacker to executed JavaScript code in the victim's browser by sending them a malicious URL using the 'failureMessage' parameter in '/login'. This vulnerability can be exploited to steal sentitive user data, such as session cookies , or to perform actions on behalf of the user.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-40681 - Cross-Site Scripting (XSS) in xCally Omnichannel",
"Content": "CVE ID : CVE-2025-40681
Published : Nov. 13, 2025, 1:15 p.m. | 14 minutes ago
Description : Cross-site Scripting (XSS) vulnerability reflected in xCally's Omnichannel v3.30.1. This vulnerability allowsan attacker to executed JavaScript code in the victim's browser by sending them a malicious URL using the 'failureMessage' parameter in '/login'. This vulnerability can be exploited to steal sentitive user data, such as session cookies , or to perform actions on behalf of the user.
Severity: 5.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
{
"Source": "CVE FEED",
"Title": "CVE-2025-12765 - pgAdmin 4: LDAP authentication flow vulnerable to TLS certificate verification bypass.",
"Content": "CVE ID : CVE-2025-12765
Published : Nov. 13, 2025, 1:15 p.m. | 14 minutes ago
Description : pgAdmin <=
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น
"Source": "CVE FEED",
"Title": "CVE-2025-12765 - pgAdmin 4: LDAP authentication flow vulnerable to TLS certificate verification bypass.",
"Content": "CVE ID : CVE-2025-12765
Published : Nov. 13, 2025, 1:15 p.m. | 14 minutes ago
Description : pgAdmin <=
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...",
"Detection Date": "13 Nov 2025",
"Type": "Vulnerability"
}
๐น t.me/cvedetector ๐น