Total
286780 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-30525 | 2025-03-24 | 7.6 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ProfitShare.ro WP Profitshare allows SQL Injection. This issue affects WP Profitshare: from n/a through 1.4.9. | ||||
| CVE-2025-24185 | 1 Apple | 1 Macos | 2025-03-24 | 5.5 Medium |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.3, macOS Ventura 13.7.3, macOS Sonoma 14.7.3. Parsing a maliciously crafted file may lead to an unexpected app termination. | ||||
| CVE-2024-44199 | 1 Apple | 1 Macos | 2025-03-24 | 7.1 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.6. An app may be able to cause unexpected system termination or read kernel memory. | ||||
| CVE-2025-30526 | 2025-03-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in lucksy Typekit plugin for WordPress allows Cross Site Request Forgery. This issue affects Typekit plugin for WordPress: from n/a through 1.2.3. | ||||
| CVE-2024-49259 | 1 Nicheaddons | 1 Primary Addon For Elementor | 2025-03-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Primary Addon for Elementor allows Stored XSS.This issue affects Primary Addon for Elementor: from n/a through 1.5.8. | ||||
| CVE-2024-44305 | 1 Apple | 1 Macos | 2025-03-24 | 7.8 High |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.6. An app may be able to gain root privileges. | ||||
| CVE-2025-30527 | 2025-03-24 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codetoolbox My Bootstrap Menu allows Stored XSS. This issue affects My Bootstrap Menu: from n/a through 1.2.1. | ||||
| CVE-2025-30528 | 2025-03-24 | 9.3 Critical | ||
| Cross-Site Request Forgery (CSRF) vulnerability in wpshopee Awesome Logos allows SQL Injection. This issue affects Awesome Logos: from n/a through 1.2. | ||||
| CVE-2024-54551 | 1 Apple | 7 Ipados, Iphone Os, Macos and 4 more | 2025-03-24 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.6, tvOS 17.6, Safari 17.6, macOS Sonoma 14.6, visionOS 1.3, iOS 17.6 and iPadOS 17.6. Processing web content may lead to a denial-of-service. | ||||
| CVE-2025-30529 | 2025-03-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sébastien Dumont Auto Load Next Post allows Cross Site Request Forgery. This issue affects Auto Load Next Post: from n/a through 1.5.14. | ||||
| CVE-2024-44033 | 1 Nicheaddons | 1 Primary Addon For Elementor | 2025-03-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NicheAddons Primary Addon for Elementor allows Stored XSS.This issue affects Primary Addon for Elementor: from n/a through 1.5.7. | ||||
| CVE-2025-30530 | 2025-03-24 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atikul AI Preloader allows Stored XSS. This issue affects AI Preloader: from n/a through 1.0.2. | ||||
| CVE-2024-54558 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-03-24 | 7.5 High |
| A clickjacking issue was addressed with improved out-of-process view handling. This issue is fixed in iOS 18 and iPadOS 18, macOS Sequoia 15. An app may be able to trick a user into granting access to photos from the user's photo library. | ||||
| CVE-2022-48610 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-03-24 | 5.5 Medium |
| This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2. An app may be able to access user-sensitive data. | ||||
| CVE-2025-30531 | 2025-03-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in GBS Developer WP Ride Booking allows Cross Site Request Forgery. This issue affects WP Ride Booking: from n/a through 2.4. | ||||
| CVE-2025-30532 | 2025-03-24 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MorganF Weather Layer allows Stored XSS. This issue affects Weather Layer: from n/a through 4.2.1. | ||||
| CVE-2022-43454 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-24 | 7.8 High |
| A double free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2025-30533 | 2025-03-24 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Message ticker allows Stored XSS. This issue affects Message ticker: from n/a through 9.3. | ||||
| CVE-2025-30534 | 2025-03-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in captcha.soft Image Captcha allows Cross Site Request Forgery. This issue affects Image Captcha: from n/a through 1.2. | ||||
| CVE-2025-30535 | 2025-03-24 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in muro External image replace allows Cross Site Request Forgery. This issue affects External image replace: from n/a through 1.0.8. | ||||