CVE-2026-4003

CVE-2026-4003 affects the WordPress plugin Users manager – PN up to v1.1.15. A flawed authorization path in userspn_ajax_nopriv_server() for the userspn_form_save case allows unauthenticated callers (with a non-empty user_id) to bypass auth checks and call update_user_meta(), enabling arbitrary u...

WordPress plugin Users manager – PN 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

EUVD-2026-9832

Missing Authorization, Missing Authentication for Critical Function vulnerability in rustdesk-server RustDesk Server rustdesk-server, rustdesk-server-pro on hbbs/hbbr on all server platforms Rendezvous server hbbs, relay server hbbr modules allows Privilege Abuse. This vulnerability is associated...

CVE-2026-30784 RustDesk hbbs/hbbr Servers Broker Connections Without Any Authorization Check

Missing Authorization, Missing Authentication for Critical Function vulnerability in rustdesk-server RustDesk Server rustdesk-server, rustdesk-server-pro on hbbs/hbbr on all server platforms Rendezvous server hbbs, relay server hbbr modules allows Privilege Abuse. This vulnerability is associated...

CVE-2026-30784 RustDesk hbbs/hbbr Servers Broker Connections Without Any Authorization Check

Missing Authorization, Missing Authentication for Critical Function vulnerability in rustdesk-server RustDesk Server rustdesk-server, rustdesk-server-pro on hbbs/hbbr on all server platforms Rendezvous server hbbs, relay server hbbr modules allows Privilege Abuse. This vulnerability is associated...

RustDesk 安全漏洞

RustDesk is a remote access and control software developed by RustDesk personal developers. It is primarily written in Rust and allows for remote maintenance of computers and other devices. Versions of RustDesk 1.7.5 and earlier, as well as 1.1.15 and earlier, have security vulnerabilities. These...

PT-2026-23465

Missing Authorization, Missing Authentication for Critical Function vulnerability in rustdesk-server RustDesk Server rustdesk-server, rustdesk-server-pro on hbbs/hbbr on all server platforms Rendezvous server hbbs, relay server hbbr modules allows Privilege Abuse. This vulnerability is associated...

PT-2026-23456

Improper Restriction of Excessive Authentication Attempts, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux Peer authentication, API login modules, rustdesk-server RustDesk Server OSS...

FnOS-exploit

FnOS Path Traversal Vulnerability Exploitation Random File Re...

CVE-2025-69058 WordPress PartyMaker theme <= 1.1.15 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes PartyMaker partymaker allows PHP Local File Inclusion.This issue affects PartyMaker: from n/a through = 1.1.15...

CVE-2025-69058 WordPress PartyMaker theme <= 1.1.15 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes PartyMaker partymaker allows PHP Local File Inclusion.This issue affects PartyMaker: from n/a through = 1.1.15...

CVE-2025-69058

CVE-2025-69058 is a reported Local File Inclusion in the WordPress theme PartyMaker (AncoraThemes), arising from improper control of the filename used in PHP include/require. Affected: PartyMaker versions up to and including 1.1.15. The CVSS 3.1 vector (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) yields...

WordPress plugin PartyMaker has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

ai.houyi:dorado (>=0.0.1 <=0.0.8), ai.houyi:dorado-core (>=0.0.11 <=0.0.51) +3600 more potentially affected by CVE-2025-70974 via com.alibaba:fastjson (>=1.1.15 <=1.2.47)

com.alibaba:fastjson MAVEN version =1.1.15, =0.0.1, =0.0.11, =0.0.16, =0.0.1, =0.0.14, =0.0.47, =0.0.14, =0.3.0, =3.0.0, =1.0.0, =1.0.1, =1.0.2 and more Source cves: CVE-2025-70974 Source advisory: SNYK:JAVA-COMALIBABA-14908847...

WordPress PartyMaker theme <= 1.1.15 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme PartyMaker versions = 1.1.15...

CVE-2025-64294

Missing Authorization vulnerability in d3wp WP Snow Effect wp-snow-effect allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Snow Effect: from n/a through = 1.1.19...

WordPress plugin WP Snow Effect 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-44762

Name of the Vulnerable Software and Affected Versions WP Snow Effect versions through 1.1.15 Description A missing authorization issue exists in d3wp WP Snow Effect, allowing access to functionality not properly constrained by Access Control Lists ACLs. This allows unauthorized access to...

EUVD-2023-28465

Malicious code in bioql PyPI...

EUVD-2025-28290

Malicious code in bioql PyPI...