CVE-2022-0268

Cross-site Scripting XSS - Stored in Packagist getgrav/grav prior to 1.7.28...

CVE-2025-66062

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Frank Goossens WP YouTube Lyte wp-youtube-lyte allows Phishing.This issue affects WP YouTube Lyte: from n/a through = 1.7.28...

CVE-2025-66062 WordPress WP YouTube Lyte plugin <= 1.7.28 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Frank Goossens WP YouTube Lyte wp-youtube-lyte allows Phishing.This issue affects WP YouTube Lyte: from n/a through = 1.7.28...

WordPress plugin WP YouTube Lyte 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2025-47737

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Frank Goossens WP YouTube Lyte wp-youtube-lyte allows Phishing.This issue affects WP YouTube Lyte: from n/a through = 1.7.28...

WordPress WP YouTube Lyte plugin <= 1.7.28 - Open Redirection vulnerability

Open Redirection vulnerability discovered by Nabil Irawan in WordPress Plugin WP YouTube Lyte versions = 1.7.28...

CVE-2025-64329

containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...

CVE-2025-64106 Cursor: Speedbump Modal Bypass in MCP Server Deep-Link

Cursor is a code editor built for programming with AI. In versions 1.7.28 and below, an input validation flaw in Cursor's MCP server installation enables specially crafted deep-links to bypass the standard security warnings and conceal executed commands from users if they choose to accept the...

PT-2025-45060

Name of the Vulnerable Software and Affected Versions Cursor versions 1.7.28 and below Description Cursor is a code editor designed for programming with AI. An input validation issue within Cursor’s MCP server installation allows maliciously crafted deep-links to circumvent standard security...

PT-2025-45348

Name of the Vulnerable Software and Affected Versions containerd versions 0.1.0 through 1.7.28 containerd versions 2.0.0-beta.0 through 2.0.6 containerd versions 2.1.0-beta.0 through 2.1.4 containerd versions 2.2.0-beta.0 through 2.2.0-rc.1 Description containerd is an open-source container runti...

EUVD-2021-2300

Malware in sbrugna...

EUVD-2024-42918

Malicious code in bioql PyPI...

EUVD-2022-0492

Malicious code in bioql PyPI...

Ubiquiti多款产品 安全漏洞

Ubiquiti UniFi Access Reader and others are products of Ubiquiti, U.S.A. Ubiquiti UniFi Access Reader is an access control system viewer device.Ubiquiti UniFi Access Intercom is an intercom system device. Ubiquiti UniFi Access Reader Pro is a card reader and access control intercom device. A...

CVE-2024-48046

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in supsystic Contact Form by Supsystic contact-form-by-supsystic allows Stored XSS.This issue affects Contact Form by Supsystic: from n/a through = 1.7.28...

CVE-2024-43230

Insertion of Sensitive Information Into Sent Data vulnerability in Anssi Laitila Shared Files shared-files.This issue affects Shared Files: from n/a through = 1.7.28...

PT-2024-32965 · Supsystic · Contact Form By Supsystic

Name of the Vulnerable Software and Affected Versions: Contact Form by Supsystic versions 1.7.28 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendation...

PT-2024-32961

Name of the Vulnerable Software and Affected Versions Supsystic Contact Form versions 1.7.28 and earlier Description The issue is related to an Improper Neutralization of Special Elements Used in a Template Engine vulnerability, which allows Command Injection. This can lead to potential cyber...

WordPress Contact Form by Supsystic plugin <= 1.7.28 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by UKO Patchstack Alliance in WordPress Plugin Contact Form by Supsystic versions = 1.7.28...

WordPress Contact Form by Supsystic Plugin <= 1.7.28 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form by Supsystic Type Plugin Vulnerable versions = 1.7.28 Fixed in 1.7.29 OWASP Top 10 A4: Insecure Design Classification Cross Site Scripting XSS CVE CVE-2024-48046 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID cce1073296d4 Credits UKO Required privile...