CVE-2026-3178

The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'namedirectoryname' parameter in all versions up to, and including, 1.32.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

WordPress Name Directory plugin <= 1.32.1 - Unauthenticated Stored Cross-Site Scripting via 'name_directory_name' vulnerability

Unauthenticated Stored Cross-Site Scripting via 'namedirectoryname' vulnerability discovered by Youssef Elouaer in WordPress Plugin Name Directory versions = 1.32.1...

EUVD-2026-11143

The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'namedirectoryname' parameter in all versions up to, and including, 1.32.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2026-3178

The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'namedirectoryname' parameter in all versions up to, and including, 1.32.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

PT-2026-24666

🚨 CVE-2026-3178 The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name directory name' parameter in all versions up to, and including, 1.32.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attacker...

WordPress FiboSearch plugin <= 1.32.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by PPzzAArr in WordPress Plugin FiboSearch versions = 1.32.1...

PT-2025-52549

Name of the Vulnerable Software and Affected Versions FiboSearch – Ajax Search for WooCommerce plugin for WordPress versions prior to 1.32.1 Description The FiboSearch – Ajax Search for WooCommerce plugin for WordPress is susceptible to Stored Cross-Site Scripting. The issue stems from inadequate...

EUVD-2023-0976

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2019-12470

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wikimedia MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed log in RevisionDelete page is exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6...

Linux Distros Unpatched Vulnerability : CVE-2019-12468

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.27.0 through 1.32.1. Directly POSTing to Special:ChangeEmail would allow for...

Linux Distros Unpatched Vulnerability : CVE-2019-12471

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Wikimedia MediaWiki 1.30.0 through 1.32.1 has XSS. Loading user JavaScript from a non-existent account allows anyone to create the account, and perform XSS on...

PT-2024-22150 · Deno · Deno

Name of the Vulnerable Software and Affected Versions: Deno versions 1.32.1 through 1.40.x Description: A maliciously crafted permission request can show a spoofed permission prompt by inserting a broken ANSI escape sequence into the request contents. Deno strips any ANSI escape sequences from th...

Design/Logic Flaw

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is unlikely that this has been exploited in the wild, as the...

Deno improperly handles resizable ArrayBuffer

Impact Resizable ArrayBuffers passed to asynchronous native functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is unlikely that this has been exploited in the wild, as the only version affected is Deno 1.32.0. Deno Deploy users are not...

Deno 缓冲区错误漏洞

Deno is open source a simple , modern and secure JavaScript and TypeScript runtime environment . It uses V8 and is built with Rust. A security vulnerability exists in Deno versions prior to 1.32.1, which stems from a resizable array passed to an asynchronous function being shrunk during an...

PT-2023-2318 · Deno · Deno

Name of the Vulnerable Software and Affected Versions: Deno version 1.32.0 Description: The issue is related to resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation, which could result in an out-of-bound read/write. It is unlikely that this has...

Jenkins GitHub Pull Request Builder Plugin

GitHub Pull Request Builder Plugin stored the webhook secret shared between Jenkins and GitHub in plain text. This allowed users with Jenkins controller local file system access and Jenkins administrators to retrieve the stored password. The latter could result in exposure of the passwords throug...

Ubuntu 16.04 ESM : BusyBox vulnerability (USN-5179-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5179-2 advisory. USN-5179-1 fixed vulnerabilities in BusyBox. This update provides the corresponding updates for Ubuntu 16.04 ESM. Tenable has extracted the preceding description...

BusyBox 安全漏洞

BusyBox is a suite of applications containing several linux commands and tools by Denis Vlasenko, a Ukrainian individual developer. A security vulnerability exists in BusyBox through 1.32.1, which stems from incorrectly handling the wrong bit on the huft build result pointer, leading to invalid...

MediaWiki >= 1.30.0, <= 1.32.1 XSS Vulnerability - Linux

MediaWiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...