CVE-2025-7704

by | Nov 13, 2025

Supermicro BMC Insyde SMASH shell program has a stacked-based overflow vulnerability

Missing Authorization vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetFormBuilder: from n/a through <= 3.5.3.

CVE-2025-64383

by | Nov 13, 2025

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Qode Qi Blocks qi-blocks allows Stored XSS.This issue affects Qi Blocks: from n/a through <= 1.4.3.

CVE-2025-64382

by | Nov 13, 2025

Missing Authorization vulnerability in WebToffee Order Export & Order Import for WooCommerce order-import-export-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Export & Order Import for...

CVE-2025-64381

by | Nov 13, 2025

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in wpdevelop Booking Calendar booking allows Stored XSS.This issue affects Booking Calendar: from n/a through <= 10.14.7.

CVE-2025-7704

CVE-2025-64384

CVE-2025-64383

CVE-2025-64382

CVE-2025-64381