64 matches found
CVE-2025-13387
The Kadence WooCommerce Email Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer name in all versions up to, and including, 1.5.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
CVE-2025-13387 Kadence WooCommerce Email Designer <= 1.5.17 - Unauthenticated Stored Cross-Site Scripting
The Kadence WooCommerce Email Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer name in all versions up to, and including, 1.5.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
EUVD-2025-200181
The Kadence WooCommerce Email Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer name in all versions up to, and including, 1.5.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
EUVD-2019-10573
Malware in sbrugna...
EUVD-2023-0616
Malicious code in bioql PyPI...
Amazon Linux 2 : memcached, --advisory ALAS2MEMCACHED1.5-2025-001 (ALASMEMCACHED1.5-2025-001)
The version of memcached installed on the remote host is prior to 1.5.17-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2MEMCACHED1.5-2025-001 advisory. Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted...
Linux Distros Unpatched Vulnerability : CVE-2019-20020
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17. CVE-2019-20020 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2019-20018
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17. CVE-2019-20018 Note that Nessus relies on the presence of the package a...
WordPress Kadence WooCommerce Email Designer Plugin <= 1.5.16 - Privilege Escalation Vulnerability
Privilege Escalation Vulnerability discovered by Denver Jackson in WordPress Plugin Kadence WooCommerce Email Designer versions <= 1.5.16...
CVE-2023-0827
Cross-site Scripting XSS - Stored in GitHub repository pimcore/pimcore prior to 1.5.17...
PT-2025-3233 · WordPress · Wp Securesubmit
Name of the Vulnerable Software and Affected Versions: WP SecureSubmit versions prior to 1.5.17 Description: The issue is related to a missing authorization vulnerability in WP SecureSubmit. This problem affects WP SecureSubmit versions prior to 1.5.17. Recommendations: For versions prior to...
WordPress Lightweight Accordion Plugin <= 1.5.16 is vulnerable to Cross Site Scripting (XSS)
Software: Lightweight Accordion; Type: Plugin; Vulnerable versions: <= 1.5.16; Fixed in: 1.5.17; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-2436; Patch priority: Low; CVSS severity: Low (6.5); PSID: b6e6c77a276d; Credits: Krzysztof Zając...
PT-2024-22609 · Symfony +1 · Symfony1 +1
Name of the Vulnerable Software and Affected Versions: Symfony1 versions 1.3.0 through 1.5.17 Description: This issue is related to a gadget chain in Symfony1 due to a vulnerable Swift Mailer dependency. The vulnerability allows an attacker to achieve remote code execution if a developer...
PT-2024-20058 · Pandasai · Pandasai
Name of the Vulnerable Software and Affected Versions: PandasAI aka pandas-ai versions 1.5.17 and earlier Description: The issue allows attackers to trigger the generation of arbitrary Python code that is executed by SDFCodeExecutor. An attacker can create a dataframe that provides an English...
SUSE CVE-2019-20017
A stack-based buffer over-read was discovered in MatVarReadNextInfo5 in mat5.c in matio 1.5.17...
SUSE CVE-2019-20020
A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17...
SUSE CVE-2020-19497
Integer overflow vulnerability in MatVarReadNextInfo5 in mat5.c in tbeu matio aka MAT File I/O Library 1.5.17, allows attackers to cause a Denial of Service or possibly other unspecified impacts...
Pimcore Cross-Site Scripting Vulnerability
Pimcore is an open-source web content management platform, developed by the Austrian company Pimcore, for creating and managing web applications. The platform integrates web content management, e-commerce frameworks and product information management applications. A cross-site scripting vulnerability exists in...