CVE-2026-1821

The Microtango plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'restkey' parameter of the mtreservation shortcode in all versions up to, and including, 0.9.29 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVE-2026-1821 Microtango <= 0.9.29 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Microtango plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'restkey' parameter of the mtreservation shortcode in all versions up to, and including, 0.9.29 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

WordPress plugin Microtango 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress Microtango plugin <= 0.9.29 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Microtango versions = 0.9.29...

asn1c 安全漏洞

asn1c is an ASN.1 compiler by Lev Walkin Personal Developer. A security vulnerability exists in asn1c version 0.9.29 and earlier, which stems from the UPER decoder not properly enforcing the INTEGER constraint, which could lead to processing of malicious input...

PT-2025-34448 · Mouse07410 · Asn1C

Name of the Vulnerable Software and Affected Versions: mouse07410 asn1c versions through 0.9.29 Description: An issue was discovered in decoders generated by asn1c. When using UPER Unaligned Packed Encoding Rules, the decoders fail to enforce constraints on INTEGER values if the positive bound...

WordPress YAHMAN Add-ons Plugin <= 0.9.28 is vulnerable to Backdoor

Software YAHMAN Add-ons Type Plugin Vulnerable versions = 0.9.28 Fixed in 0.9.29 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 26c7f39721f9 Credits Sansec.io Required privilege Unauthenticated Published 3 July,...

asn1c 缓冲区错误漏洞

asn1c is an ASN.1 compiler by the individual developer Lev Walkin. A security vulnerability exists in asn1c v0.9.28 and earlier, which stems from a stack-based buffer overflow in the function genhashget in genhash.c. The vulnerability is caused by a stack-based buffer overflow in the function...