|
2481
|
7.5 |
HIGH
Network
|
-
|
-
|
El plugin WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters para WordPress es vulnerable a inyección SQL basada en tiempo a través del parámetro 'orderby' en to…
|
CWE-89
SQL Injection
|
CVE-2026-2580
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2482
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in MacCMS 2025.1000.4052. This affects an unknown part of the file application/api/controller/Timming.php of the component Timming API Endpoint. The manipulation r…
|
CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-4562
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2483
|
7.3 |
HIGH
Network
|
-
|
-
|
Se ha descubierto una falla de seguridad en MacCMS 2025.1000.4052. Esto afecta una parte desconocida del archivo application/api/controller/Timming.php del componente Timming API Endpoint. La manipul…
|
CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-4562
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2484
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in MacCMS up to 2025.1000.4052. This vulnerability affects the function order_info of the file application/index/controller/User.php of the component Member Order Detai…
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-4563
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2485
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Se ha identificado una debilidad en MacCMS hasta 2025.1000.4052. Esta vulnerabilidad afecta a la función order_info del archivo application/index/controller/User.php del componente Member Order Detai…
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-4563
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2486
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in yangzongzhuan RuoYi up to 4.8.2. This issue affects some unknown processing of the file /monitor/job/ of the component Quartz Job Handler. Such manipulat…
|
CWE-74
CWE-94
Injection
Code Injection
|
CVE-2026-4564
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2487
|
6.5 |
MEDIUM
Network
|
-
|
-
|
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to unauthorized access of data due to improper authori…
|
CWE-285
Improper Authorization
|
CVE-2025-10736
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2488
|
6.5 |
MEDIUM
Network
|
-
|
-
|
El plugin ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More para WordPress es vulnerable a acceso no autorizado a datos debido a controles …
|
CWE-285
Improper Authorization
|
CVE-2025-10736
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2489
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up t…
|
CWE-285
Improper Authorization
|
CVE-2025-10731
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2490
|
4.7 |
MEDIUM
Network
|
-
|
-
|
Una vulnerabilidad de seguridad ha sido detectada en yangzongzhuan RuoYi hasta la versión 4.8.2. Este problema afecta a algún procesamiento desconocido del archivo /monitor/job/ del componente Gestor…
|
CWE-74
CWE-94
Injection
Code Injection
|
CVE-2026-4564
|
2026-04-25 01:32 |
2026-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
