EUVD-2026-20041

The Investi plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'investi-announcements-accordion' shortcode's 'maximum-num-years' attribute in all versions up to, and including, 1.0.26. This is due to insufficient input sanitization and output escaping on user-supplied...

WordPress plugin Investi 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

phpseclib 安全漏洞

phpseclib is an open-source PHP security communication library developed by phpseclib. Versions of phpseclib starting from 1.0.26, 2.0.0 to 2.0.51, and 3.0.0 to 3.0.49 contain security vulnerabilities. These vulnerabilities stem from a timing attack that occurs when using the AES CBC mode...

EUVD-2015-7213

Malware in sbrugna...

EUVD-2025-27445

Malicious code in bioql PyPI...

CVE-2025-39523

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in GoodBarber GoodBarber goodbarber.This issue affects GoodBarber: from n/a through = 1.0.26...

CVE-2025-39523 WordPress GoodBarber plugin <= 1.0.26 - Open Redirection Vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in GoodBarber GoodBarber goodbarber.This issue affects GoodBarber: from n/a through = 1.0.26...

PT-2025-36758

Name of the Vulnerable Software and Affected Versions: GoodBarber versions n/a through 1.0.26 Description: The software contains a URL Redirection to Untrusted Site 'Open Redirect' issue. This allows an attacker to redirect users to a malicious website. Recommendations: Update GoodBarber to a...

WordPress GoodBarber plugin <= 1.0.26 - Open Redirection Vulnerability

Open Redirection Vulnerability discovered by Le Ngoc Anh in WordPress Plugin GoodBarber versions = 1.0.26...

WordPress PayGreen Payment Gateway plugin <= 1.0.26 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin PayGreen Payment Gateway versions = 1.0.26...

PrestaShop Security Breach

PrestaShop is an open source e-commerce solution from the American company PrestaShop. The solution provides multiple payment methods, short message alerts and product image zoom. PrestaShop Bulk Export products to Google Merchant - A security vulnerability exists in Google Shopping version 1.0.2...

OPENSUSE-SU-2024:10470-1 libsndfile-progs-1.0.26-2.4 on GA media

These are all security issues fixed in the libsndfile-progs-1.0.26-2.4 package on the GA media of openSUSE Tumbleweed...

WordPress Plugin Piotnet Forms Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2020-14101

The data collection SDK of the router web management interface caused the leakage of the token. This affects Xiaomi router AX1800rom version 1.0.336 and Xiaomi route RM1800 root version 1.0.26...

CVE-2020-14101

The data collection SDK of the router web management interface caused the leakage of the token. This affects Xiaomi router AX1800rom version 1.0.336 and Xiaomi route RM1800 root version 1.0.26...

Xiaomi AX1800 Security Vulnerability

The Xiaomi AX1800 is a router from the Chinese company Xiaomi Xiaomi. A security vulnerability exists in the Xiaomi router that stems from an issue where the time is not synchronized after a router reboot, which can bypass login authentication. The following products and versions are affected:...

CVE-2017-16942

In libsndfile 1.0.25 fixed in 1.0.26, a divide-by-zero error exists in the function wavw64readfmtchunk in wavw64.c, which may lead to DoS when playing a crafted audio file...

ReadyNet WRT300N-DD devices with firmware license issue vulnerability

ReadyNet WRT300N-DD devices with firmware is a wireless router product from ReadyNet New Zealand. An authorization issue vulnerability exists in ReadyNet WRT300N-DD devices with firmware 1.0.26. This allows remote attackers to gain administrative privileges by exploiting a LAN session...

ReadyNet WRT300N-DD devices with firmware spoofing vulnerability

ReadyNet WRT300N-DD devices with firmware is a wireless router product from ReadyNet New Zealand. A spoofing vulnerability exists in ReadyNet WRT300N-DD devices with firmware 1.0.26. Since the devices use the same source port for DNS lookups, a remote attacker could select this number as the...

CVE-2015-7281

Cross-site request forgery CSRF vulnerability on ReadyNet WRT300N-DD devices with firmware 1.0.26 allows remote attackers to hijack the authentication of arbitrary users...