|
2921
|
8.5 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-elementor allows Bl…
|
CWE-89
SQL Injection
|
CVE-2026-25007
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2922
|
8.5 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un comando SQL ('Inyección SQL') en Element Invader ElementInvader Addons for Elementor elementinvader-addons-for-ele…
|
CWE-89
SQL Injection
|
CVE-2026-25007
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2923
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in raratheme Education Zone education-zone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Zone: from n/a thro…
|
CWE-862
Missing Authorization
|
CVE-2026-25009
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2924
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de autorización faltante en raratheme Education Zone education-zone permite la explotación de niveles de seguridad de control de acceso configurados incorrectamente. Este problema afec…
|
CWE-862
Missing Authorization
|
CVE-2026-25009
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2925
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WHMCSdes Phox Hosting phox-host allows Reflected XSS.This issue affects Phox Hosting: from n/a th…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25013
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2926
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en WHMCSdes Phox Hosting phox-host permite XSS Reflejado. Este problema afecta a P…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25013
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2927
|
8.1 |
HIGH
Network
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in stmcan NaturaLife Extensions naturalife-extensions allows PHP Local File Inclu…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2026-25017
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2928
|
8.1 |
HIGH
Network
|
-
|
-
|
La vulnerabilidad de control inadecuado del nombre de fichero para la declaración Include/Require en el programa PHP ('Inclusión remota de ficheros PHP') en stmcan NaturaLife Extensions naturalife-ex…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2026-25017
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2929
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in stmcan NaturaLife Extensions naturalife-extensions allows Reflected XSS.This issue affects Natura…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25018
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2930
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en stmcan NaturaLife Extensions naturalife-extensions permite XSS Reflejado. Este …
|
CWE-79
Cross-site Scripting
|
CVE-2026-25018
|
2026-04-25 01:32 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
