CVE Feeds
Latest CVEs
Updates on the latest vulnerabilities detected.
-
CVE-2025-7704 - Supermicro BMC SMASH services has a Stack-based buffer overflow vulnerability
CVE ID :CVE-2025-7704
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability
Severity: 5.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64384 - WordPress JetFormBuilder plugin
CVE ID :CVE-2025-64384
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Missing Authorization vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetFormBuilder: from n/a through = 3.5.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64383 - WordPress Qi Blocks plugin bility
CVE ID :CVE-2025-64383
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Qode Qi Blocks qi-blocks allows Stored XSS.This issue affects Qi Blocks: from n/a through = 1.4.3.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64382 - WordPress Order Export & Order Import for WooCommerce plugin
CVE ID :CVE-2025-64382
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Missing Authorization vulnerability in WebToffee Order Export & Order Import for WooCommerce order-import-export-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Export & Order Import for WooCommerce: from n/a through = 2.6.7.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64381 - WordPress Booking Calendar plugin y
CVE ID :CVE-2025-64381
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevelop Booking Calendar booking allows Stored XSS.This issue affects Booking Calendar: from n/a through = 10.14.7.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64380 - WordPress Booster for WooCommerce plugin
CVE ID :CVE-2025-64380
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Stored XSS.This issue affects Booster for WooCommerce: from n/a through = 7.3.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64379 - WordPress Booster for WooCommerce plugin
CVE ID :CVE-2025-64379
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Missing Authorization vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booster for WooCommerce: from n/a through = 7.4.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64370 - WordPress YOP Poll plugin ity
CVE ID :CVE-2025-64370
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Missing Authorization vulnerability in YOP YOP Poll yop-poll allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YOP Poll: from n/a through = 6.5.38.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64369 - WordPress Contact Form Email plugin
CVE ID :CVE-2025-64369
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Missing Authorization vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through = 1.3.58.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64292 - WordPress Analytics Germanized for Google Analytics plugin
CVE ID :CVE-2025-64292
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PascalBajorat Analytics Germanized for Google Analytics ga-germanized allows DOM-Based XSS.This issue affects Analytics Germanized for Google Analytics: from n/a through = 1.6.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64277 - WordPress ChatBot plugin ity
CVE ID :CVE-2025-64277
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through = 7.3.9.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64276 - WordPress Survey Maker plugin
CVE ID :CVE-2025-64276
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Missing Authorization vulnerability in Ays Pro Survey Maker survey-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Survey Maker: from n/a through = 5.1.9.4.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64275 - WordPress Booking Manager plugin y
CVE ID :CVE-2025-64275
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevelop Booking Manager booking-manager allows Stored XSS.This issue affects Booking Manager: from n/a through = 2.1.17.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64274 - WordPress WPKoi Templates for Elementor plugin
CVE ID :CVE-2025-64274
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Missing Authorization vulnerability in wpkoithemes WPKoi Templates for Elementor wpkoi-templates-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPKoi Templates for Elementor: from n/a through = 3.4.4.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64271 - WordPress WP Plugin Manager plugin ility
CVE ID :CVE-2025-64271
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Cross-Site Request Forgery (CSRF) vulnerability in HasThemes WP Plugin Manager wp-plugin-manager allows Cross Site Request Forgery.This issue affects WP Plugin Manager: from n/a through = 1.4.7.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64269 - WordPress WooCommerce PDF Invoice Builder plugin
CVE ID :CVE-2025-64269
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Missing Authorization vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder woo-pdf-invoice-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce PDF Invoice Builder: from n/a through = 1.2.150.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64267 - WordPress WooCommerce Ultimate Points And Rewards plugin
CVE ID :CVE-2025-64267
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPSwings WooCommerce Ultimate Points And Rewards woocommerce-ultimate-points-and-rewards allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce Ultimate Points And Rewards: from n/a through = 2.10.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64265 - WordPress Frontend File Manager plugin
CVE ID :CVE-2025-64265
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Missing Authorization vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.2.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64264 - WordPress Popup addon for Ninja Forms plugin
CVE ID :CVE-2025-64264
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aman Popup addon for Ninja Forms popup-addon-for-ninja-forms allows Stored XSS.This issue affects Popup addon for Ninja Forms: from n/a through = 3.5.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more... -
CVE-2025-64263 - WordPress WP Content Pilot plugin
CVE ID :CVE-2025-64263
Published : Nov. 13, 2025, 10:15 a.m. | 1 hour, 7 minutes ago
Description :Missing Authorization vulnerability in PluginEver WP Content Pilot wp-content-pilot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Content Pilot: from n/a through = 2.1.7.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Information
Vortech Consulting is a network security and design consulting firm originally founded in 1997. Over our nearly 30 year history we have provided security services and products for a wide variety of companies around the globe.
Company
Who's Online
We have 734 guests and no members online