CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2025-69117
High

There is an unauthenticated local file inclusion vulnerability in Ingenioso versions <= 1.14.0.

CVE-2025-69116
High

Iona versions up to 1.0.8 are vulnerable to unauthenticated local file inclusion.

CVE-2025-69114
High

There is an unauthenticated local file inclusion vulnerability in MaxiNet versions <= 1.2.10.

CVE-2025-69113
High

There is an unauthenticated local file inclusion vulnerability in Nexio versions <= 1.10.0.

CVE-2025-69112
High

There is an unauthenticated local file inclusion vulnerability in Planty versions <= 1.14.0.

CVE-2025-69110
High

There is an unauthenticated local file inclusion vulnerability in AirSupply versions <= 2.0.0.

CVE-2025-69109
High

There is an unauthenticated local file inclusion vulnerability in Raider Spirit <= 1.1.2 versions.

CVE-2025-69107
High

There is an unauthenticated local file inclusion vulnerability in Rosaleen versions <= 2.8.

CVE-2025-69105
High

Versions of Modernee <= 1.6.0 are vulnerable to unauthenticated local file inclusion.

CVE-2025-69104
High

Versions of Qreatix <= 1.9.4 are vulnerable to unauthenticated Cross Site Scripting (XSS). An attacker can exploit this vulnerability to inject malicious scripts in the context of the victim's browser.

CVE-2025-69103
High

In Brikk versions up to 3.0.0, there is a vulnerability that allows subscribers to delete arbitrary content.

CVE-2025-60223
High

In WPBot Pro, versions up to 13.6.5, there is a vulnerability allowing subscribers to delete arbitrary files.

CVE-2025-60085
High

There is a vulnerability in Learnify versions up to 1.15.0 that allows unauthenticated local file inclusion.

CVE-2025-59563
High

Versions of Sonaar up to 4.27.4 contain a vulnerability that allows subscriber privilege escalation.

CVE-2025-59560
High

Versions of Sonaar <= 4.27.4 are vulnerable to unauthenticated Cross Site Scripting (XSS). An attacker can exploit this vulnerability to inject malicious JavaScript code.

CVE-2025-58954
High

There is an unauthenticated local file inclusion vulnerability in HomeRoofer versions <= 2.11.0.

CVE-2025-58953
High

There is an unauthenticated local file inclusion vulnerability in Joly versions up to 1.22.0.

CVE-2025-58952
High

Neuronet versions below 1.14.0 contain a vulnerability for unauthenticated local file inclusion.

CVE-2025-58924
High

Versions of Geya <= 1.15 are vulnerable to unauthenticated local file inclusion, which may lead to the disclosure of sensitive information.

CVE-2025-49403
High

WordPress versions up to 3.0.2 have a vulnerability that allows unauthenticated arbitrary file download in the Premium Age Verification / Restriction plugin.

PreviousPage 105 of 3337Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS