CVE-2026-0722

CVE-2026-0722: Shield Security for WordPress has a CSRF to SQL Injection vulnerability in versions up to 21.0.8 due to nonce verification bypass in isNonceVerifyRequired, enabling unauthenticated attackers to extract data via forged requests when a site admin is tricked into action. The issue is ...

CVE-2023-0722

The Wicked Folders plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.18.16. This is due to missing or incorrect nonce validation on the ajaxsavestate function. This makes it possible for unauthenticated attackers to invoke this function via forge...

CVE-2020-0722

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0723, CVE-2020-0724,...

CVE-2025-0722

A vulnerability classified as critical was found in needyamin imagegallery 1.0. This vulnerability affects unknown code of the file /admin/gallery.php of the component Cover Image Handler. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. T...

CVE-2025-0722

Affected product: needyamin image_gallery 1.0. The vulnerability exists in the Cover Image Handler component, specifically /admin/gallery.php, where manipulating the image argument enables unrestricted uploads. The issue is exploitable remotely, with public disclosures already available. Root cau...

CVE-2025-0722 needyamin image_gallery Cover Image gallery.php unrestricted upload

A vulnerability classified as critical was found in needyamin imagegallery 1.0. This vulnerability affects unknown code of the file /admin/gallery.php of the component Cover Image Handler. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. T...

CVE-2025-0722 needyamin image_gallery Cover Image gallery.php unrestricted upload

A vulnerability classified as critical was found in needyamin imagegallery 1.0. This vulnerability affects unknown code of the file /admin/gallery.php of the component Cover Image Handler. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. T...

Photon OS 3.0: Dbus PHSA-2024-3.0-0722

An update of the dbus package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-3.0-0722. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Moderate Photon OS Security Update - PHSA-2024-3.0-0722

Updates of 'squid', 'dbus' packages of Photon OS have been released...

CVE-2024-0722

creationtimestamp| type| source ---|---|--- 2024-01-19 18:22:06+00:00| seen| https://t.me/ctinow/170323 2024-01-25 23:16:24+00:00| seen| https://t.me/ctinow/173858 2024-02-15 08:41:09+00:00| seen| https://t.me/ctinow/185342...

CVE-2024-0722

A vulnerability was found in code-projects Social Networking Site 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file message.php of the component Message Page. The manipulation of the argument Story leads to cross site scripting. The attack may be...

CVE-2024-0722

CVE-2024-0722 concerns code-projects Social Networking Site 1.0, where the vulnerability resides in the message.php component of the Message Page. The issue arises from manipulating the Story argument, enabling cross-site scripting (XSS). Documents consistently state the vulnerability can be expl...

CVE-2021-0722

CVE-2021-0722 is listed in the Android 12 Security Release Notes under the System component with type Elevation of Privilege (EoP) and a Moderate severity, referenced by Android bug ID A-191174082. The Android bulletin confirms these issues were fixed as part of Android 12, and notes that devices...

CVE-2023-0722

creationtimestamp| type| source ---|---|--- 2023-02-08 07:23:53+00:00| seen| https://t.me/cibsecurity/57751...

CVE-2023-0722

CVE-2023-0722 affects the WordPress plugin Wicked Folders. A CSRF vulnerability arises from missing/incorrect nonce validation in the ajax_save_state function, allowing unauthenticated attackers to trick an admin into performing actions (e.g., altering folder structure) via forged requests. Affec...

WordPress Wicked Folders Plugin <= 2.18.16 is vulnerable to Cross Site Request Forgery (CSRF)

Software Wicked Folders Type Plugin Vulnerable versions = 2.18.16 Fixed in 2.18.17 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-0722 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 7e061023b7ce Credits Marco Wotschka...

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...

CVE-2022-0722 Exposure of Sensitive Information to an Unauthorized Actor in ionicabizau/parse-url

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url prior to 7.0.0...

CVE-2022-0722

CVE-2022-0722 affects the parse-url library in the GitHub repo ionicabizau/parse-url prior to version 7.0.0, enabling exposure of sensitive information to an unauthorized actor. The vulnerability is a client-visible information disclosure, capable of being triggered by crafted requests that leak ...

SUSE: Security Advisory (SUSE-SU-2022:0722-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...