|
3441
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in CRM Perks Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms cf7-mailchimp allows Exploiting Incorrectly Configured Access Control Se…
|
CWE-862
Missing Authorization
|
CVE-2026-25430
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3442
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de falta de autorización en CRM Perks Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms cf7-mailchimp permite explotar niveles de seguridad de control de ac…
|
CWE-862
Missing Authorization
|
CVE-2026-25430
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3443
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevart Booking calendar, Appointment Booking System booking-calendar allows Stored XSS.This iss…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25435
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3444
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en wpdevart Booking calendar, Appointment Booking System booking-calendar permite …
|
CWE-79
Cross-site Scripting
|
CVE-2026-25435
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3445
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in سید محمدامین هاشمی GZSEO gzseo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GZSEO: from n/a through <= 2.0.14.
|
CWE-862
Missing Authorization
|
CVE-2026-25437
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3446
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Vulnerabilidad de autorización faltante en ??? ???????? ????? GZSEO gzseo permite la explotación de niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a GZSE…
|
CWE-862
Missing Authorization
|
CVE-2026-25437
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3447
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Improper Control of Generation of Code ('Code Injection') vulnerability in Jonathan Daggerhart Widget Wrangler widget-wrangler allows Code Injection.This issue affects Widget Wrangler: from n/a throu…
|
CWE-94
Code Injection
|
CVE-2026-25447
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3448
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Vulnerabilidad de control inadecuado de la generación de código ('Inyección de código') en Jonathan Daggerhart Widget Wrangler widget-wrangler permite la inyección de código. Este problema afecta a W…
|
CWE-94
Code Injection
|
CVE-2026-25447
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3449
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDO Remoji remoji allows Stored XSS.This issue affects Remoji: from n/a through <= 2.2.
|
CWE-79
Cross-site Scripting
|
CVE-2026-25452
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3450
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en WPDO Remoji remoji permite XSS Almacenado. Este problema afecta a Remoji: desde…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25452
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
