75 matches found
WordPress Gmedia Photo Gallery Plugin < 1.20.0 - Cross-Site Scripting
The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanitise and escape the album's name before outputting it in pages or posts with a media embed, which could allow high privilege users such as admin to perform Cross-Site Scripting (XSS) attacks even when the unfiltered_html capabilit...
CVE-2026-0873 Privilege Elevation in Ercom Cryptobox administration console
On a Cryptobox platform where administrator segregation based on entities is used, some vulnerabilities in the Ercom Cryptobox administration console allow an authenticated entity administrator with knowledge to elevate his account to global administrator...
CVE-2025-0873
A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /customeredit.php. The manipulation of the argument id/address/fullname/phonenumber/email/city/comment leads to SQL injection. T...
CVE-2021-0873
In PVRSRVBridgeRGXKickRS of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Linux Distros Unpatched Vulnerability : CVE-2013-0873
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The readheader function in libavcodec/shorten.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid channel count, relat...
CVE-2025-0873
creationtimestamp | type | source
---|---|---
2025-01-30 17:05:41+00:00 | seen | https://infosec.exchange/users/cve/statuses/113918393787338744
2025-01-30 17:15:47+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lgxydvf6mk2h
2025-01-30 19:12:36+00:00 |...
CVE-2025-0873 itsourcecode Tailoring Management System customeredit.php SQL injection
A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /customeredit.php. The manipulation of the argument id/address/fullname/phonenumber/email/city/comment leads to SQL injection. T...
RHEL 5 : qffmpeg (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - qffmpeg: Invalid free in libavcodec/shorten.c due to invalid channel count (CVE-2013-0873) - qffmpeg: out o...
CVE-2024-0873
The Watu Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'watu-basic-chart' shortcode in all versions up to, and including, 3.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
CVE-2024-0873
CVE-2024-0873: Watu Quiz (WordPress) is vulnerable to Stored Cross-Site Scripting via the watu-basic-chart shortcode on versions up to 3.4.1. Authenticated users with contributor+ privileges can inject scripts that run when other users load the page. The Wordfence entry notes a patch is available...
CVE-2023-0873
creationtimestamp | type | source
---|---|---
2023-06-27 18:12:04+00:00 | seen | https://t.me/cibsecurity/65572...
CVE-2023-0873
The Kanban Boards for WordPress plugin before 2.5.21 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup...
CVE-2023-0873 Kanban Boards for WordPress < 2.5.21 - Admin+ Stored XSS
The Kanban Boards for WordPress plugin before 2.5.21 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup...
CVE-2023-0873
The CVE-2023-0873 entry concerns the WordPress Kanban Boards plugin prior to version 2.5.21, where the plugin fails to sanitize and escape certain settings. This can enable Stored Cross-Site Scripting (Stored XSS) by high-privilege users (e.g., admins), including in multisite environments where u...
WordPress Kanban Boards for WordPress Plugin < 2.5.21 is vulnerable to Cross Site Scripting (XSS)
Software: Kanban Boards for WordPress; Type: Plugin; Vulnerable versions: 2.5.21; Fixed in: 2.5.21; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-0873; Patch priority: Low; CVSS severity: Low (5.9); PSID: 29201871ee56; Credits: Shreya Pohek...
CVE-2021-0873
In PVRSRVBridgeRGXKickRS of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-0873
CVE-2021-0873 : A missing size check in PVRSRVBridgeRGXKickRS within the PowerVR kernel driver can cause an integer overflow, enabling out-of-bounds heap access. This may permit local escalation of privilege with no additional execution privileges required and without user interaction. The issue ...