CVE-2024-45356 - Xiaomi Phone Framework Unauthorized Access Vulnerability
CVE ID : CVE-2024-45356
Published : March 27, 2025, 8:15 a.m. | 1 hour, 44 minutes ago
Description : A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to Access sensitive methods.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-45356
Published : March 27, 2025, 8:15 a.m. | 1 hour, 44 minutes ago
Description : A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is caused by improper validation and can be exploited by attackers to Access sensitive methods.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-45361 - Xiaomi Mi Connect Service APP Information Disclosure Vulnerability
CVE ID : CVE-2024-45361
Published : March 27, 2025, 8:15 a.m. | 1 hour, 44 minutes ago
Description : A protocol flaw vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to leak sensitive user information.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-45361
Published : March 27, 2025, 8:15 a.m. | 1 hour, 44 minutes ago
Description : A protocol flaw vulnerability exists in the Xiaomi Mi Connect Service APP. The vulnerability is caused by the validation logic is flawed and can be exploited by attackers to leak sensitive user information.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30898 - MahdiY WooCommerce Transport Plugin Cross-Site Scripting (XSS)
CVE ID : CVE-2025-30898
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mahdi Yousefi [MahdiY] افزونه حمل و نقل ووکامرس (پست پیشتاز و سفارشی، پیک موتوری) allows Stored XSS. This issue affects افزونه حمل و نقل ووکامرس (پست پیشتاز و سفارشی، پیک موتوری): from n/a through 4.2.3.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30898
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mahdi Yousefi [MahdiY] افزونه حمل و نقل ووکامرس (پست پیشتاز و سفارشی، پیک موتوری) allows Stored XSS. This issue affects افزونه حمل و نقل ووکامرس (پست پیشتاز و سفارشی، پیک موتوری): from n/a through 4.2.3.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30899 - Wpeverest Stored Cross-site Scripting Vulnerability
CVE ID : CVE-2025-30899
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration allows Stored XSS. This issue affects User Registration: from n/a through 4.0.3.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30899
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration allows Stored XSS. This issue affects User Registration: from n/a through 4.0.3.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30900 - Zoho Subscriptions Cross-site Scripting
CVE ID : CVE-2025-30900
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zoho Subscriptions Zoho Billing – Embed Payment Form allows Stored XSS. This issue affects Zoho Billing – Embed Payment Form: from n/a through 4.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30900
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zoho Subscriptions Zoho Billing – Embed Payment Form allows Stored XSS. This issue affects Zoho Billing – Embed Payment Form: from n/a through 4.0.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30903 - Alex Mills SyntaxHighlighter Evolved Cross-Site Scripting
CVE ID : CVE-2025-30903
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Mills SyntaxHighlighter Evolved allows DOM-Based XSS. This issue affects SyntaxHighlighter Evolved: from n/a through 3.7.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30903
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alex Mills SyntaxHighlighter Evolved allows DOM-Based XSS. This issue affects SyntaxHighlighter Evolved: from n/a through 3.7.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30904 - Ays Pro Chartify Stored Cross-site Scripting Vulnerability
CVE ID : CVE-2025-30904
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Chartify allows Stored XSS. This issue affects Chartify: from n/a through 3.1.7.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30904
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Chartify allows Stored XSS. This issue affects Chartify: from n/a through 3.1.7.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30907 - SecuPress Free Cross-site Scripting (XSS)
CVE ID : CVE-2025-30907
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SecuPress SecuPress Free allows DOM-Based XSS. This issue affects SecuPress Free: from n/a through 2.2.5.3.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30907
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SecuPress SecuPress Free allows DOM-Based XSS. This issue affects SecuPress Free: from n/a through 2.2.5.3.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30909 - Conversios.io Missing Authorization Vulnerability
CVE ID : CVE-2025-30909
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Missing Authorization vulnerability in Conversios Conversios.io allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Conversios.io: from n/a through 7.2.3.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30909
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Missing Authorization vulnerability in Conversios Conversios.io allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Conversios.io: from n/a through 7.2.3.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30912 - Wow-Company Float Menu CSRF
CVE ID : CVE-2025-30912
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Float menu allows Cross Site Request Forgery. This issue affects Float menu: from n/a through 6.1.2.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30912
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Float menu allows Cross Site Request Forgery. This issue affects Float menu: from n/a through 6.1.2.
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30914 - XpeedStudio Metform SSRF
CVE ID : CVE-2025-30914
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Server-Side Request Forgery (SSRF) vulnerability in XpeedStudio Metform allows Server Side Request Forgery. This issue affects Metform: from n/a through 3.9.2.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30914
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Server-Side Request Forgery (SSRF) vulnerability in XpeedStudio Metform allows Server Side Request Forgery. This issue affects Metform: from n/a through 3.9.2.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30918 - Codemacher Structured Content Cross-Site Scripting (XSS)
CVE ID : CVE-2025-30918
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codemacher Structured Content allows Stored XSS. This issue affects Structured Content: from n/a through 1.6.3.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30918
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codemacher Structured Content allows Stored XSS. This issue affects Structured Content: from n/a through 1.6.3.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30919 - Store Locator Widget CSRF Stored XSS
CVE ID : CVE-2025-30919
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Store Locator Widgets Store Locator Widget allows Stored XSS. This issue affects Store Locator Widget: from n/a through 20200131.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30919
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in Store Locator Widgets Store Locator Widget allows Stored XSS. This issue affects Store Locator Widget: from n/a through 20200131.
Severity: 7.1 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30920 - Teastudio.pl WP Posts Carousel Cross-site Scripting
CVE ID : CVE-2025-30920
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in teastudio.pl WP Posts Carousel allows Stored XSS. This issue affects WP Posts Carousel: from n/a through 1.3.7.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30920
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in teastudio.pl WP Posts Carousel allows Stored XSS. This issue affects WP Posts Carousel: from n/a through 1.3.7.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30921 - Tribulant Software Newsletters SQL Injection
CVE ID : CVE-2025-30921
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Software Newsletters allows SQL Injection. This issue affects Newsletters: from n/a through 4.9.9.7.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30921
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Software Newsletters allows SQL Injection. This issue affects Newsletters: from n/a through 4.9.9.7.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30922 - Simplebooklet PDF Viewer and Embedder Cross-site Scripting
CVE ID : CVE-2025-30922
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in simplebooklet Simplebooklet PDF Viewer and Embedder allows Stored XSS. This issue affects Simplebooklet PDF Viewer and Embedder: from n/a through 1.1.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30922
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in simplebooklet Simplebooklet PDF Viewer and Embedder allows Stored XSS. This issue affects Simplebooklet PDF Viewer and Embedder: from n/a through 1.1.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30923 - Powerfulwp Gift Message for WooCommerce CSRF Vulnerability
CVE ID : CVE-2025-30923
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in powerfulwp Gift Message for WooCommerce allows Cross Site Request Forgery. This issue affects Gift Message for WooCommerce: from n/a through 1.7.8.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30923
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Cross-Site Request Forgery (CSRF) vulnerability in powerfulwp Gift Message for WooCommerce allows Cross Site Request Forgery. This issue affects Gift Message for WooCommerce: from n/a through 1.7.8.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-30925 - Webangon Elementor Pack Cross-site Scripting (XSS)
CVE ID : CVE-2025-30925
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webangon The Pack Elementor addons allows Stored XSS. This issue affects The Pack Elementor addons: from n/a through 2.1.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-30925
Published : March 27, 2025, 11:15 a.m. | 2 hours, 43 minutes ago
Description : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webangon The Pack Elementor addons allows Stored XSS. This issue affects The Pack Elementor addons: from n/a through 2.1.1.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31139 - JetBrains TeamCity Password Exposure Vulnerability
CVE ID : CVE-2025-31139
Published : March 27, 2025, 12:15 p.m. | 1 hour, 44 minutes ago
Description : In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31139
Published : March 27, 2025, 12:15 p.m. | 1 hour, 44 minutes ago
Description : In JetBrains TeamCity before 2025.03 base64 encoded password could be exposed in build log
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31140 - JetBrains TeamCity Stored XSS Vulnerability
CVE ID : CVE-2025-31140
Published : March 27, 2025, 12:15 p.m. | 1 hour, 44 minutes ago
Description : In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31140
Published : March 27, 2025, 12:15 p.m. | 1 hour, 44 minutes ago
Description : In JetBrains TeamCity before 2025.03 stored XSS was possible on Cloud Profiles page
Severity: 4.6 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-31141 - JetBrains TeamCity Authentication Bypass Vulnerability
CVE ID : CVE-2025-31141
Published : March 27, 2025, 12:15 p.m. | 1 hour, 44 minutes ago
Description : In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-31141
Published : March 27, 2025, 12:15 p.m. | 1 hour, 44 minutes ago
Description : In JetBrains TeamCity before 2025.03 exception could lead to credential leakage on Cloud Profiles page
Severity: 2.7 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...