CVE List - 2025 / March
Showing 3701 - 3800 of 4018 CVEs for March 2025 (Page 38 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-2985 | 2025-03-31 | code-projects Payroll Management System update_account.php sql injection |
| CVE-2025-30961 | 2025-03-31 | WordPress Trackserver plugin <= 5.0.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-2989 | 2025-03-31 | Tenda FH1202 Web Management Interface AdvSetWrl access control |
| CVE-2025-31386 | 2025-03-31 | WordPress Simple:Press plugin <= 6.10.11 - Broken Access Control vulnerability |
| CVE-2025-31376 | 2025-03-31 | WordPress NanoSupport plugin <= 0.6.0 - Broken Access Control vulnerability |
| CVE-2025-2990 | 2025-03-31 | Tenda FH1202 Web Management Interface AdvSetWrlGstset access control |
| CVE-2025-3021 | 2025-03-31 | Path Traversal vulnerability in e-management of e-solutions |
| CVE-2025-3026 | 2025-03-31 | Improper Neutralization of Special Elements vulnerability in EJBCA |
| CVE-2025-2991 | 2025-03-31 | Tenda FH1202 Web Management Interface AdvSetWrlmacfilter access control |
| CVE-2025-3027 | 2025-03-31 | Open Redirect vulnerability in EJBCA |
| CVE-2025-30963 | 2025-03-31 | WordPress JetSmartFilters plugin <= 3.6.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31419 | 2025-03-31 | WordPress Churel plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23995 | 2025-03-31 | WordPress Tantyyellow theme <= 1.0.0.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-2992 | 2025-03-31 | Tenda FH1202 Web Management Interface AdvSetWrlsafeset access control |
| CVE-2025-3022 | 2025-03-31 | OS Command Injection vulnerability in e-management of e-solutions |
| CVE-2025-2993 | 2025-03-31 | Tenda FH1202 default.cfg access control |
| CVE-2025-2586 | 2025-03-31 | Ols: unauthenticated metrics flooding in openshift lightspeed service leading to resource exhaustion |
| CVE-2025-2994 | 2025-03-31 | Tenda FH1202 Web Management Interface qossetting access control |
| CVE-2025-2995 | 2025-03-31 | Tenda FH1202 Web Management Interface SysToolChangePwd access control |
| CVE-2025-31526 | 2025-03-31 | WordPress Behance Portfolio Manager plugin <= 1.7.4 - SQL Injection vulnerability |
| CVE-2025-31527 | 2025-03-31 | WordPress WP Link Preview plugin <= 1.4.1 - Server Side Request Forgery (SSRF) vulnerability |
| CVE-2025-31528 | 2025-03-31 | WordPress StaticPress plugin <= 0.4.5 - Broken Access Control vulnerability |
| CVE-2025-31529 | 2025-03-31 | WordPress Slider Path for Elementor plugin <= 3.0.0 - Broken Access Control vulnerability |
| CVE-2025-31530 | 2025-03-31 | WordPress Google SEO Pressor Snippet plugin <= 2.0 - Broken Access Control vulnerability |
| CVE-2025-31532 | 2025-03-31 | WordPress AtomChat plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31533 | 2025-03-31 | WordPress Salesmate Add-On for Gravity Forms plugin <= 2.0.3 - Broken Access Control vulnerability |
| CVE-2025-31535 | 2025-03-31 | WordPress Simple Owl Carousel plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31538 | 2025-03-31 | WordPress Checklist plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31539 | 2025-03-31 | WordPress Cryptocurrency Widgets Pack plugin <= 2.0.1 - Broken Access Control vulnerability |
| CVE-2025-31540 | 2025-03-31 | WordPress ACME Divi Modules plugin <= 1.3.5 - Broken Access Control vulnerability |
| CVE-2025-31542 | 2025-03-31 | WordPress My auctions allegro plugin <= 3.6.20 - SQL Injection vulnerability |
| CVE-2025-31543 | 2025-03-31 | WordPress Twice Commerce plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31544 | 2025-03-31 | WordPress Swiss Toolkit For WP plugin <= 1.3.0 - Broken Access Control vulnerability |
| CVE-2025-31545 | 2025-03-31 | WordPress Safe Ai Malware Protection for WP plugin <= 1.0.20 - Broken Access Control vulnerability |
| CVE-2025-31546 | 2025-03-31 | WordPress Swiss Toolkit For WP plugin <= 1.3.0 - Broken Access Control vulnerability |
| CVE-2025-31547 | 2025-03-31 | WordPress Uptime Robot Plugin for WordPress plugin <= 2.3 - SQL Injection vulnerability |
| CVE-2025-31549 | 2025-03-31 | WordPress Fusion plugin <= 1.6.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31555 | 2025-03-31 | WordPress ContentMX Content Publisher plugin <= 1.0.6 - Broken Access Control vulnerability |
| CVE-2025-31556 | 2025-03-31 | WordPress IMPress for IDX Broker plugin <= 3.2.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31557 | 2025-03-31 | WordPress OSM – OpenStreetMap plugin <= 6.1.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31559 | 2025-03-31 | WordPress Custom Database Applications by Caspio plugin <= 2.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31562 | 2025-03-31 | WordPress Uptime Robot Plugin for WordPress plugin <= 2.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31566 | 2025-03-31 | WordPress Rio Video Gallery plugin <= 2.3.6 - CSRF to Stored XSS vulnerability |
| CVE-2025-31567 | 2025-03-31 | WordPress Themesflat Addons For Elementor plugin <= 2.2.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31569 | 2025-03-31 | WordPress wordpress related Posts with thumbnails plugin <= 3.0.0.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-31570 | 2025-03-31 | WordPress Related Posts Widget with Thumbnails plugin <= 1.2 - CSRF to Stored XSS vulnerability |
| CVE-2025-31572 | 2025-03-31 | WordPress Multi Days Events and Multi Events in One Day Calendar plugin <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-31574 | 2025-03-31 | WordPress Custom Content Scrollbar plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31575 | 2025-03-31 | WordPress Flag Icons plugin <= 2.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31576 | 2025-03-31 | WordPress PostmarkApp Email Integrator plugin <= 2.4 - Broken Access Control vulnerability |
| CVE-2025-31577 | 2025-03-31 | WordPress Appointify plugin <= 1.0.8 - Arbitrary File Upload vulnerability |
| CVE-2025-31583 | 2025-03-31 | WordPress WP Copy Media URL plugin <= 2.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-31584 | 2025-03-31 | WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Broken Access Control vulnerability |
| CVE-2025-31585 | 2025-03-31 | WordPress Leadfox for WordPress plugin <= 2.1.8 - CSRF to Stored XSS vulnerability |
| CVE-2025-31586 | 2025-03-31 | WordPress Gallery – Photo Albums Plugin plugin <= 1.3.170 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31587 | 2025-03-31 | WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31588 | 2025-03-31 | WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability |
| CVE-2025-31589 | 2025-03-31 | WordPress Ethiopian Calendar plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31590 | 2025-03-31 | WordPress WP Date and Time Shortcode plugin <= 2.6.7 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31591 | 2025-03-31 | WordPress Exit Popup Free plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31592 | 2025-03-31 | WordPress Send E-mail plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31593 | 2025-03-31 | WordPress OpenMenu plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31595 | 2025-03-31 | WordPress Timeline Event History plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31596 | 2025-03-31 | WordPress Chat by Chatwee plugin <= 2.1.3 - Broken Access Control vulnerability |
| CVE-2025-31597 | 2025-03-31 | WordPress Ultimate Live Cricket WordPress Lite plugin <= 1.4.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31598 | 2025-03-31 | WordPress Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin <= 4.0.0 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31600 | 2025-03-31 | WordPress DesignO plugin <= 2.2.0 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-31601 | 2025-03-31 | WordPress Appointy Appointment Scheduler plugin <= 4.2.1 - CSRF to Settings Change vulnerability |
| CVE-2025-31602 | 2025-03-31 | WordPress Apimo Connector plugin <= 2.6.3.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability |
| CVE-2025-31603 | 2025-03-31 | WordPress CF7 Spreadsheets plugin <= 2.3.2 - Settings Change vulnerability |
| CVE-2025-31604 | 2025-03-31 | WordPress Cal.com plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31605 | 2025-03-31 | WordPress Welcome Popup plugin <= 1.0.10 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31606 | 2025-03-31 | WordPress SP Blog Designer plugin <= 1.0.0 - Arbitrary Shortcode Execution vulnerability |
| CVE-2025-31607 | 2025-03-31 | WordPress Simple-Audioplayer plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31608 | 2025-03-31 | WordPress CookieHint WP plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31609 | 2025-03-31 | WordPress WPCargo Track & Trace plugin <= 7.0.6 - Insecure Direct Object References (IDOR) vulnerability |
| CVE-2025-31610 | 2025-03-31 | WordPress Notification Bar, Sticky Notification Bar, Sticky Welcome Bar for any theme plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31611 | 2025-03-31 | WordPress Auto Post After Image Upload plugin <= 1.6 - Broken Access Control vulnerability |
| CVE-2025-31613 | 2025-03-31 | WordPress AB Google Map Travel plugin <= 4.6 - CSRF to Stored XSS vulnerability |
| CVE-2025-31614 | 2025-03-31 | WordPress Terms Before Download plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31615 | 2025-03-31 | WordPress Simple Contact Forms plugin <= 1.6.4 - CSRF to Stored XSS vulnerability |
| CVE-2025-31616 | 2025-03-31 | WordPress Varnish WordPress plugin <= 1.7 - CSRF to Stored XSS vulnerability |
| CVE-2025-31617 | 2025-03-31 | WordPress PostmarkApp Email Integrator plugin <= 2.4 - CSRF to Stored XSS vulnerability |
| CVE-2025-31618 | 2025-03-31 | WordPress Connector to CiviCRM with CiviMcRestFace plugin <= 1.0.9 - Broken Access Control vulnerability |
| CVE-2025-31620 | 2025-03-31 | WordPress CoverManager plugin <= 0.0.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31621 | 2025-03-31 | WordPress byBrick Accordion plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31623 | 2025-03-31 | WordPress Rich Text Editor plugin <= 1.0.1 - CSRF to Stored XSS vulnerability |
| CVE-2025-31624 | 2025-03-31 | WordPress Processing Projects plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31625 | 2025-03-31 | WordPress Useinfluence plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-31627 | 2025-03-31 | WordPress Media Library Assistant plugin <= 3.24 - Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-31629 | 2025-03-31 | WordPress Infusionsoft Web Form JavaScript plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-2996 | 2025-03-31 | Tenda FH1202 Web Management Interface SysToolDDNS access control |
| CVE-2023-0881 | 2025-03-31 | DDoS in Ubuntu package linux-bluefield |
| CVE-2025-2997 | 2025-03-31 | zhangyanbo2007 youkefu url server-side request forgery |
| CVE-2025-2998 | 2025-03-31 | PyTorch torch.nn.utils.rnn.pad_packed_sequence memory corruption |
| CVE-2024-12021 | 2025-03-31 | Stored Cross-Site Scripting |
| CVE-2025-2999 | 2025-03-31 | PyTorch torch.nn.utils.rnn.unpack_sequence memory corruption |
| CVE-2023-33302 | 2025-03-31 | A buffer copy without checking size of input ('classic buffer... |
| CVE-2025-3000 | 2025-03-31 | PyTorch torch.jit.script memory corruption |
| CVE-2025-27095 | 2025-03-31 | JumpServer has a Kubernetes Token Leak Vulnerability |