Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2025-22319
Missing Authorization vulnerability in DearHive Social Media Share Buttons | MashShare.This issue affects Social Media Share Buttons | MashShare: from n/a up to and including 4.0.47.
6.5
CVSSv3
CVE-2025-22323
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jewel Theme Image Hover Effects for Elementor allows Stored XSS.This issue affects Image Hover Effects for Elementor: from n/a up to and including 1.0.2.3.
6.5
CVSSv3
CVE-2025-22333
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a up to and including 2.4.31.
7.6
CVSSv3
CVE-2025-22349
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Owen Cutajar & Hyder Jaffari WordPress Auction Plugin allows SQL Injection.This issue affects WordPress Auction Plugin: from n/a up to and including 3.7.
7.6
CVSSv3
CVE-2025-22351
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PenguinArts Contact Form 7 Database – CFDB7 allows SQL Injection.This issue affects Contact Form 7 Database – CFDB7: from n/a up to and including 1.0.0.
7.1
CVSSv3
CVE-2025-22358
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marcon Simone Wp advertising management allows Reflected XSS.This issue affects Wp advertising management: from n/a up to and including 1.0.3.
7.5
CVSSv3
CVE-2025-22364
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Service Shogun Ach Invoice App allows PHP Local File Inclusion.This issue affects Ach Invoice App: from n/a up to and including 1.0.1.
7.5
CVSSv3
CVE-2025-22384
An issue exists in Optimizely Configured Commerce prior to 5.2.2408. A medium-severity issue concerning business logic exists in the Commerce B2B application, which allows storefront visitors to purchase discontinued products in specific scenarios where requests are altered befor...
5.9
CVSSv3
CVE-2025-22385
An issue exists in Optimizely Configured Commerce prior to 5.2.2408. For newly created accounts, the Commerce B2B application does not require email confirmation. This medium-severity issue allows the mass creation of accounts. This could affect database storage; also, non-reques...
8.5
CVSSv3
CVE-2025-22505
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nabaraj Chapagain NC Wishlist for Woocommerce allows SQL Injection.This issue affects NC Wishlist for Woocommerce: from n/a up to and including 1.0.1.
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
desktop browser
urbancode velocity
CVE-2024-57932
CVE-2025-21655
CVE-2024-12084
CVE-2023-34960
unauthorized
CSRF
CVE-2024-57913
privilege
CVE-2025-21649
itsourcecode
cp-xr-de21-s router
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »