Publicly disclosed vulnerabilities discovered by or reported to Fluid Attacks

Buscar por término

Search filters

Discovered by

All

Severity

All

XSS in Laundry allows to perform an Account Takeover

5.1

Medium

CVE-2025-52842

Published date:

2 jul 2025

Discovered by

Carlos Bello

CSRF in Laundry allows to perform an account takeover

8.5

High

CVE-2025-52841

Published date:

2 jul 2025

Discovered by

Carlos Bello

A Capture Contact Form (and tab) - Insecure deserialization

1.7

Low

CVE-2025-31287

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Click-to-Call for Twilio - Reflected XSS

4.8

Medium

CVE-2025-31288

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

AIO Cache and Performance - Reflected XSS

4.8

Medium

CVE-2025-31289

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Church Admin - Insecure deserialization

1.7

Low

CVE-2025-31290

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Batch Validator - Reflected cross-site scripting (XSS)

4.8

Medium

CVE-2025-31291

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Content.ad - Reflected cross-site scripting (XSS)

4.8

Medium

CVE-2025-31292

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Cargar más

Buscar por término

Search filters

Discovered by

All

Severity

All

XSS in Laundry allows to perform an Account Takeover

5.1

Medium

CVE-2025-52842

Published date:

2 jul 2025

Discovered by

Carlos Bello

CSRF in Laundry allows to perform an account takeover

8.5

High

CVE-2025-52841

Published date:

2 jul 2025

Discovered by

Carlos Bello

A Capture Contact Form (and tab) - Insecure deserialization

1.7

Low

CVE-2025-31287

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Click-to-Call for Twilio - Reflected XSS

4.8

Medium

CVE-2025-31288

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

AIO Cache and Performance - Reflected XSS

4.8

Medium

CVE-2025-31289

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Church Admin - Insecure deserialization

1.7

Low

CVE-2025-31290

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Batch Validator - Reflected cross-site scripting (XSS)

4.8

Medium

CVE-2025-31291

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Content.ad - Reflected cross-site scripting (XSS)

4.8

Medium

CVE-2025-31292

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Cargar más

Buscar por término

Search filters

Discovered by

All

Severity

All

XSS in Laundry allows to perform an Account Takeover

5.1

Medium

CVE-2025-52842

Published date:

2 jul 2025

Discovered by

Carlos Bello

CSRF in Laundry allows to perform an account takeover

8.5

High

CVE-2025-52841

Published date:

2 jul 2025

Discovered by

Carlos Bello

A Capture Contact Form (and tab) - Insecure deserialization

1.7

Low

CVE-2025-31287

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Click-to-Call for Twilio - Reflected XSS

4.8

Medium

CVE-2025-31288

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

AIO Cache and Performance - Reflected XSS

4.8

Medium

CVE-2025-31289

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Church Admin - Insecure deserialization

1.7

Low

CVE-2025-31290

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Batch Validator - Reflected cross-site scripting (XSS)

4.8

Medium

CVE-2025-31291

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Content.ad - Reflected cross-site scripting (XSS)

4.8

Medium

CVE-2025-31292

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Cargar más

Buscar por término

Search filters

Discovered by

All

Severity

All

XSS in Laundry allows to perform an Account Takeover

5.1

Medium

CVE-2025-52842

Published date:

2 jul 2025

Discovered by

Carlos Bello

CSRF in Laundry allows to perform an account takeover

8.5

High

CVE-2025-52841

Published date:

2 jul 2025

Discovered by

Carlos Bello

A Capture Contact Form (and tab) - Insecure deserialization

1.7

Low

CVE-2025-31287

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Click-to-Call for Twilio - Reflected XSS

4.8

Medium

CVE-2025-31288

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

AIO Cache and Performance - Reflected XSS

4.8

Medium

CVE-2025-31289

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Church Admin - Insecure deserialization

1.7

Low

CVE-2025-31290

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Batch Validator - Reflected cross-site scripting (XSS)

4.8

Medium

CVE-2025-31291

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Content.ad - Reflected cross-site scripting (XSS)

4.8

Medium

CVE-2025-31292

Published date:

14 mar 2025

Detected by

Fluid Attacks SAST Scanner,

disclosed by

Andres Roldan

Cargar más

Learn about our policy for disclosing advisories of vulnerabilities in third-party, open-source products.

Inicia tu prueba gratuita de 21 días

Descubre los beneficios de nuestra solución Hacking Continuo, de la que ya disfrutan empresas de todos los tamaños.

Inicia tu prueba gratuita de 21 días

Descubre los beneficios de nuestra solución Hacking Continuo, de la que ya disfrutan empresas de todos los tamaños.

Inicia tu prueba gratuita de 21 días

Descubre los beneficios de nuestra solución Hacking Continuo, de la que ya disfrutan empresas de todos los tamaños.

Las soluciones de Fluid Attacks permiten a las organizaciones identificar, priorizar y remediar vulnerabilidades en su software a lo largo del SDLC. Con el apoyo de la IA, herramientas automatizadas y pentesters, Fluid Attacks acelera la mitigación de la exposición al riesgo de las empresas y fortalece su postura de ciberseguridad.

SOC 2 Type II

SOC 3

Suscríbete a nuestro boletín

Mantente al día sobre nuestros próximos eventos y los últimos blog posts, advisories y otros recursos interesantes.

Las soluciones de Fluid Attacks permiten a las organizaciones identificar, priorizar y remediar vulnerabilidades en su software a lo largo del SDLC. Con el apoyo de la IA, herramientas automatizadas y pentesters, Fluid Attacks acelera la mitigación de la exposición al riesgo de las empresas y fortalece su postura de ciberseguridad.

SOC 2 Type II

SOC 3

Suscríbete a nuestro boletín

Mantente al día sobre nuestros próximos eventos y los últimos blog posts, advisories y otros recursos interesantes.

Las soluciones de Fluid Attacks permiten a las organizaciones identificar, priorizar y remediar vulnerabilidades en su software a lo largo del SDLC. Con el apoyo de la IA, herramientas automatizadas y pentesters, Fluid Attacks acelera la mitigación de la exposición al riesgo de las empresas y fortalece su postura de ciberseguridad.

SOC 2 Type II

SOC 3

Suscríbete a nuestro boletín

Mantente al día sobre nuestros próximos eventos y los últimos blog posts, advisories y otros recursos interesantes.