Known vulnerabilities in web applications

Forum & blogging software
CMS
Modules and components for CMS
CRM systems
Cryptocurrency software
E-Commerce systems
Remote management & hosting panels
JS libraries
Other software
Webmail solutions
SSRF in Axios07 Mar, 2025
Medium Patched
Stored cross-site scripting in Point Maker plugin for WordPress07 Mar, 2025
Low Not Patched
Cross-site scripting in Razorpay Subscription Button Elementor Plugin for WordPress07 Mar, 2025
Low Not Patched
Improper privilege management in Homey - Booking and Rentals WordPress Theme07 Mar, 2025
High Not Patched
SQL injection in Ultimate Member plugin for WordPress07 Mar, 2025
High Patched
Authentication bypass using an alternate path or channel in WP Real Estate Manager plugin for WordPress07 Mar, 2025
High Not Patched
Multiple vulnerabilities in Hero Mega Menu - Responsive WordPress Menu plugin07 Mar, 2025
Medium Not Patched
Multiple vulnerabilities in IBM QRadar Pulse App07 Mar, 2025
Low Patched
Cross-site request forgery in bbPress07 Mar, 2025
Low Patched
Stored cross-site scripting in Recently Purchased Products For Woo plugin for WordPress07 Mar, 2025
Low Not Patched
Stored cross-site scripting in Simple Notification plugin for WordPress07 Mar, 2025
Low Not Patched
Cross-site scripting in Company Directory plugin for WordPress07 Mar, 2025
Low Not Patched
Insufficient Session Expiration in Siemens Products07 Mar, 2025
High Patched
Denial of service in Django06 Mar, 2025
Medium Patched
Code execution in Jinja06 Mar, 2025
Low Patched
IBM watsonx.data update for Snowflake JDBC driver06 Mar, 2025
Medium Patched
Multiple vulnerabilities in AI (Artificial Intelligence) module for Drupal06 Mar, 2025
Low Patched
Improper access control in Two-factor Authentication (TFA) module for Drupal06 Mar, 2025
Medium Patched
Authenticated code execution via prototype pollution in Kibana05 Mar, 2025
Medium Patched
Multiple vulnerabilities in Hitachi Vantara Pentaho Business Analytics Server04 Mar, 2025
Сritical Patched Public exploit