Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2025-22345
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tobias Spiess TS Comfort DB allows Reflected XSS.This issue affects TS Comfort DB: from n/a up to and including 2.0.7.
6.4
CVSSv3
CVE-2025-22346
Server-Side Request Forgery (SSRF) vulnerability in Faizaan Gagan Course Migration for LearnDash allows Server Side Request Forgery.This issue affects Course Migration for LearnDash: from 1.0.2 through n/a.
8.2
CVSSv3
CVE-2025-22347
Cross-Site Request Forgery (CSRF) vulnerability in BannerSky.com BSK Forms Blacklist allows Blind SQL Injection.This issue affects BSK Forms Blacklist: from n/a up to and including 3.9.
8.5
CVSSv3
CVE-2025-22348
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RTO GmbH DynamicTags allows Blind SQL Injection.This issue affects DynamicTags: from n/a up to and including 1.4.0.
7.6
CVSSv3
CVE-2025-22350
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WpIndeed Ultimate Learning Pro allows SQL Injection.This issue affects Ultimate Learning Pro: from n/a up to and including 3.9.
7.6
CVSSv3
CVE-2025-22352
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ELEXtensions ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes allows Blind SQL Injection.This issue affects ELEX WooCommerce Advanced Bulk Edit Pro...
1 Github repository
7.1
CVSSv3
CVE-2025-22353
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Balcom-Vetillo Design, Inc. BVD Easy Gallery Manager allows Reflected XSS.This issue affects BVD Easy Gallery Manager: from n/a up to and including 1.0.6.
6.5
CVSSv3
CVE-2025-22354
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Code Themes Digi Store allows DOM-Based XSS.This issue affects Digi Store: from n/a up to and including 1.1.4.
7.1
CVSSv3
CVE-2025-22355
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kiKx Kikx Simple Post Author Filter allows Reflected XSS.This issue affects Kikx Simple Post Author Filter: from n/a up to and including 1.0.
7.1
CVSSv3
CVE-2025-22357
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simple Plugins Target Notifications allows Reflected XSS.This issue affects Target Notifications: from n/a up to and including 1.1.1.
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2024-55591
CVE-2024-13184
unauthorized
information disclosure
CVE-2024-13385
CVE-2024-43468
denial of service
CVE-2024-57370
CVE-2025-21606
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »