42 matches found
WordPress plugin Easy Image Collage 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
CVE-2026-28794
oRPC is an tool that helps build APIs that are end-to-end type-safe and adhere to OpenAPI standards. Prior to version 1.13.6, a prototype pollution vulnerability exists in the RPC JSON deserializer of the @orpc/client package. The vulnerability allows unauthenticated, remote attackers to inject...
CVE-2026-28794 oRPC: Prototype Pollution in `@orpc/client` via `StandardRPCJsonSerializer` Deserialization
oRPC is an tool that helps build APIs that are end-to-end type-safe and adhere to OpenAPI standards. Prior to version 1.13.6, a prototype pollution vulnerability exists in the RPC JSON deserializer of the @orpc/client package. The vulnerability allows unauthenticated, remote attackers to inject...
CVE-2026-28794 oRPC: Prototype Pollution in `@orpc/client` via `StandardRPCJsonSerializer` Deserialization
oRPC is an tool that helps build APIs that are end-to-end type-safe and adhere to OpenAPI standards. Prior to version 1.13.6, a prototype pollution vulnerability exists in the RPC JSON deserializer of the @orpc/client package. The vulnerability allows unauthenticated, remote attackers to inject...
CVE-2026-28794 oRPC: Prototype Pollution in `@orpc/client` via `StandardRPCJsonSerializer` Deserialization
oRPC is an tool that helps build APIs that are end-to-end type-safe and adhere to OpenAPI standards. Prior to version 1.13.6, a prototype pollution vulnerability exists in the RPC JSON deserializer of the @orpc/client package. The vulnerability allows unauthenticated, remote attackers to inject...
WordPress Elementor Addon Elements plugin <= 1.13.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by Webbernaut in WordPress Plugin Elementor Addon Elements versions = 1.13.6...
CVE-2024-47366
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPVibes Elementor Addon Elements addon-elements-for-elementor-page-builder allows Stored XSS.This issue affects Elementor Addon Elements: from n/a through = 1.13.6...
CVE-2024-47361
Missing Authorization vulnerability in WPVibes Elementor Addon Elements addon-elements-for-elementor-page-builder.This issue affects Elementor Addon Elements: from n/a through = 1.13.6...
CVE-2024-47361
Missing Authorization vulnerability in WPVibes Elementor Addon Elements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Addon Elements: from n/a through 1.13.6...
WordPress plugin Elementor Addon Elements 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
CVE-2024-47366
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WPVibes Elementor Addon Elements allows Stored XSS.This issue affects Elementor Addon Elements: from n/a through 1.13.6...
CVE-2024-47366
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPVibes Elementor Addon Elements addon-elements-for-elementor-page-builder allows Stored XSS.This issue affects Elementor Addon Elements: from n/a through = 1.13.6...
PT-2024-32583 · WordPress · Wpvibes Elementor Addon Elements
Name of the Vulnerable Software and Affected Versions: WPVibes Elementor Addon Elements versions 1.13.6 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...
WordPress Elementor Addon Elements plugin <= 1.13.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Elementor Addon Elements versions = 1.13.6...
WordPress Elementor Addon Elements plugin <= 1.13.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Elementor Addon Elements versions = 1.13.6...
WordPress Elementor Addon Elements Plugin <= 1.13.6 is vulnerable to Cross Site Scripting (XSS)
Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.13.6 Fixed in 1.13.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47366 Patch priority Low CVSS severity Low 6.5 Developer WPVibes PSID e5b93a793554 Credits João Pedro S Alcântara Kinorth...
PT-2024-38091 · WordPress · Elementor Addon Elements
Name of the Vulnerable Software and Affected Versions: Elementor Addon Elements plugin for WordPress versions up to, and including, 1.13.6 Description: The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets due to insufficient input...
Cilium Security Vulnerabilities
Cilium is an open source software. It is used to provide and transparently secure network connectivity and load balancing between application workloads, such as application containers or processes. Cilium suffers from a security vulnerability that stems from allowing an attacker to conduct a deni...
Debian: Security Advisory (DLA-157-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-42010 affecting package dbus 1.13.6-5
CVE-2022-42010 affecting package dbus 1.13.6-5. A patched version of the package is available...