36 matches found
TOZED ZLT M30S Security Vulnerability
TOZED ZLT M30S is a mobile WiFi router from China's Tongze Kangwei TOZED. A security vulnerability exists in TOZED ZLT M30S version 1.47 and earlier, which stems from the presence of an improperly access-controlled on-chip debug and test interface in the UART Interface component, which could lead...
PT-2025-53406
Name of the Vulnerable Software and Affected Versions TOZED ZLT M30s versions up to 1.47 Description A flaw exists in TOZED ZLT M30s up to version 1.47 related to the UART Interface component. Manipulation of an unknown function within this component can lead to improper access control to the...
TOZED ZLT M30S and TOZED ZLT M30S PRO Trust Management Issue Vulnerability
The TOZED ZLT M30S and TOZED ZLT M30S PRO are both mobile WiFi routers from China's Tongze Kangwei TOZED. A trust management issue vulnerability exists in TOZED ZLT M30S and TOZED ZLT M30S PRO versions 1.47 and 3.09.06, which stems from a hard-coded credentials issue that could lead to a local...
TOZED ZLT M30S and TOZED ZLT M30S PRO Security Vulnerability
TOZED ZLT M30S and TOZED ZLT M30S PRO are both mobile WiFi routers from China's Tongze Kangwei TOZED. A security vulnerability exists in the TOZED ZLT M30S and TOZED ZLT M30S PRO versions 1.47 and 3.09.06, which stems from incorrect manipulation of the parameter goformId in the file...
CVE-2025-11627
The Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue plugin for WordPress is vulnerable to log file poisoning in all versions up to, and including, 1.47. This makes it possible for unauthenticated attackers to insert arbitrary content into log files, and potentially cause...
CVE-2025-11627 Site Checkup AI Troubleshooting with Wizard and Tips for Each Issue <= 1.47 - Unauthenticated Log File Poisoning
The Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue plugin for WordPress is vulnerable to log file poisoning in all versions up to, and including, 1.47. This makes it possible for unauthenticated attackers to insert arbitrary content into log files, and potentially cause...
WordPress Site Checkup AI Troubleshooting with Wizard and Tips for Each Issue plugin <= 1.47 - Unauthenticated Log File Poisoning vulnerability
Unauthenticated Log File Poisoning vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Site Checkup versions = 1.47...
WordPress plugin Site Checkup Debug AI Troubleshooting with Wizard and Tips for Each Issue Security Vulnerabilities
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...
EUVD-2025-11745
Malicious code in bioql PyPI...
EUVD-2022-2372
Malicious code in bioql PyPI...
WordPress plugin FluentBoards Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability...
Malicious code in playwright-1.47 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 838a2bf47ce546affea44fb08edc2964e2c467300c9028a29fc869db92f92a23 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
app.cash.backfila:client-misk (>=0.1.0 <=2023.11.24.141218-0357917), app.cash.backfila:client-misk-dynamodb (>=0.1.3-20210127.1838-76ab4fc <=0.1.4-20210806.0204-5341f38) +1460 more potentially affected by CVE-2023-33202 via org.bouncycastle:bcprov-ext-jdk15on (>=1.47 <=1.70)
org.bouncycastle:bcprov-ext-jdk15on MAVEN version =1.47, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210805.0116-93702c4, =0.1.3-20210805.0116-93702c4, =0.1.0, =2023.06.07.114626-93b9d6f, =0.1.0, =0.1.4-20220614.0152-5ae0eef, =3.0.1, =2.10.0-11-1, =1.1.5, =1.0.2,...
GitLab Input Validation Error Vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab versions 1.47 through prior to 3.0.5...
CVE-2022-4317
An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 1.47 before 3.0.51, which sends custom request headers in redirects...
WordPress We’re Open! Plugin <= 1.46 is vulnerable to Cross Site Scripting (XSS)
Software We’re Open! Type Plugin Vulnerable versions = 1.46 Fixed in 1.47 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25964 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7dec04029e56 Credits TaeEun Lee Required privilege...
app.cash.backfila:client-misk (>=0.1.0 <=0.1.4-20221128.2102-bdd85b6), app.cash.backfila:client-misk-dynamodb (>=0.1.3-20210127.1838-76ab4fc <=0.1.4-20210806.0204-5341f38) +591 more potentially affected by CVE-2020-15522 via org.bouncycastle:bcprov-ext-jdk15on (>=1.47 <=1.65)
org.bouncycastle:bcprov-ext-jdk15on MAVEN version =1.47, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210805.0116-93702c4, =0.1.3-20210805.0116-93702c4, =0.1.0, =0.1.0, =0.1.4-20220614.0152-5ae0eef, =0.0.1, =2.0.0 and more Source cves: CVE-2020-15522 Source advisor...
CVE-2021-24447
The WP Image Zoom WordPress plugin before 1.47 did not validate its tab parameter before using it in the include_once function, leading to a local file inclusion issue in the admin dashboard...
SOPlanning Authentication Bypass Vulnerability
SOPlanning is an online planning tool for efficiently organizing projects and tasks. An authentication bypass vulnerability exists in SOPlanning 1.45 - 1.47. An attacker can exploit this vulnerability to completely bypass administrator and guest user authentication by forging a valid cookie...